androidmtk.com Open in urlscan Pro
192.124.249.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://androidmtk.com/
Effective URL:
https://androidmtk.com/
Submission: On December 09 via api (December 9th 2023, 12:14:32 pm UTC) from US — Scanned from DE

Summary HTTP 223 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 57 IPs in 9 countries across 44 domains to perform 223 HTTP transactions. The main IP is 192.124.249.19, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is androidmtk.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on April 24th 2023. Valid for: a year.

This is the only time androidmtk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	192.124.249.19 192.124.249.19	30148 (SUCURI-SEC) (SUCURI-SEC)
18	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	65.9.90.93 65.9.90.93	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
3 10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	65.9.95.83 65.9.95.83	16509 (AMAZON-02) (AMAZON-02)
1	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.95.100 65.9.95.100	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:212... 2600:9000:2127:6200:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:212... 2600:9000:2127:5600:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.212.5.247 52.212.5.247	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1a0:3675:b602:a15	16509 (AMAZON-02) (AMAZON-02)
5 15	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
2	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
3 4	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.209.195.170 52.209.195.170	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.93.159.64 54.93.159.64	16509 (AMAZON-02) (AMAZON-02)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	35.157.229.177 35.157.229.177	16509 (AMAZON-02) (AMAZON-02)
1 2	63.34.88.188 63.34.88.188	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2600:9000:212... 2600:9000:2127:ba00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:1f13:800... 2600:1f13:800:7782:7a4c:88f0:f811:a639	16509 (AMAZON-02) (AMAZON-02)
223	57

2 192.124.249.19 (Menifee, United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10019.sucuri.net

androidmtk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.androidmtk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-83.prg50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-100.prg50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:6200:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:5600:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.5.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-5-247.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1a0:3675:b602:a15 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.195.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-195-170.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.159.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-159-64.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.229.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-229-177.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.88.188 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-88-188.eu-west-1.compute.amazonaws.com

jpmcbankna.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:ba00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f13:800:7782:7a4c:88f0:f811:a639 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	572 KB
35	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	416 KB
20	androidmtk.com 1 redirects androidmtk.com cdn.androidmtk.com	249 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	187 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	104 KB
13	demand.supply live.demand.supply — Cisco Umbrella Rank: 57430	43 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	158 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	35 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	73 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 dis.criteo.com — Cisco Umbrella Rank: 550	8 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	67 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	24 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5624	953 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	656 B
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1673 a.ad.gt — Cisco Umbrella Rank: 1869	4 KB
3	yahoo.com 1 redirects connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4156 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	10 KB
2	demdex.net 1 redirects jpmcbankna.demdex.net — Cisco Umbrella Rank: 9566	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	647 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	148 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	23 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 7973	233 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	274 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 902	451 B
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8960	233 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1381	878 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352	5 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1790	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	17 KB
223	44

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net androidmtk.com 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
26	pagead2.googlesyndication.com	androidmtk.com pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com www.googletagservices.com
18	cdn.androidmtk.com	androidmtk.com
17	s0.2mdn.net	androidmtk.com s0.2mdn.net
15	cm.g.doubleclick.net	5 redirects 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com googleads.g.doubleclick.net
13	live.demand.supply	androidmtk.com live.demand.supply client
10	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com androidmtk.com
8	dt.adsafeprotected.com	0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
6	www.googleadservices.com	androidmtk.com
6	www.gstatic.com	googleads.g.doubleclick.net androidmtk.com 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	googleads.g.doubleclick.net 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com androidmtk.com
4	www.googletagservices.com	googleads.g.doubleclick.net androidmtk.com
3	static.adsafeprotected.com	fw.adsafeprotected.com 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
3	an.yandex.ru	2 redirects 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
3	www.google.com	androidmtk.com tpc.googlesyndication.com
3	0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	live.demand.supply c.amazon-adsystem.com
2	googleads4.g.doubleclick.net	androidmtk.com
2	jpmcbankna.demdex.net	1 redirects 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
2	d5p.de17a.com	2 redirects
2	fw.adsafeprotected.com	1 redirects androidmtk.com
2	ib.adnxs.com	1 redirects googleads.g.doubleclick.net
2	secure.adnxs.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects androidmtk.com
2	id5-sync.com	cdn.id5-sync.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	id.hadron.ad.gt	cdn.hadronid.net
2	cdn.id5-sync.com	androidmtk.com securepubads.g.doubleclick.net
2	tags.crwdcntrl.net	androidmtk.com securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	androidmtk.com www.googletagmanager.com
2	androidmtk.com	1 redirects
1	cdnjs.cloudflare.com	s0.2mdn.net
1	ajax.googleapis.com	s0.2mdn.net
1	x.bidswitch.net	0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
1	match.sharethrough.com	0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
1	dsp.adkernel.com	0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
1	dis.criteo.com	1 redirects
1	r.turn.com	0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	trace.mediago.io	1 redirects
1	rtb2-useast.e-volution.ai	0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
1	cs.media.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	a.ad.gt	cdn.hadronid.net
1	mug.criteo.com	androidmtk.com
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.hadronid.net	androidmtk.com
1	secure.cdn.fastclick.net	androidmtk.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
223	69

This site contains links to these domains. Also see Links.

Domain
follow.it
twitter.com
sulvo.com

Subject Issuer	Validity	Valid
androidmtk.com Starfield Secure Certificate Authority - G2	`2023-04-24` - `2024-04-24`	a year	crt.sh
cdn.androidmtk.com R3	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2023-10-25` - `2024-11-24`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://androidmtk.com/
Frame ID: 13D000299159AFA720BC41544A9A313C
Requests: 84 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 692A93D825900994915DB4D941F1455B
Requests: 1 HTTP requests in this frame

Frame: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 687415219B0998C1A43262F47275A232
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&adk=1812271804&adf=3025194257&lmt=1702090039&plaf=7%3A2&plat=1%3A64%2C2%3A64%2C3%3A128%2C4%3A128%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061666&bpp=3&bdt=212&idt=283&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=704393100394&frm=20&pv=2&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: C1505DF49A9E39A701FA69212E547246
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=androidmtk.com
Frame ID: 003A0410BD73E8444B7E37B8E10379D9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=90&slotname=7692023780&adk=519304273&adf=2737169300&pi=t.ma~as.7692023780&w=728&lmt=1702090039&rafmt=12&format=728x90&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061669&bpp=1&bdt=215&idt=308&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312
Frame ID: F4685D639C73AC06D85C7757D0819E28
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326
Frame ID: 277DB3E40FCEC3EA7079B2AA52DEBCC2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=3959209433&adf=945246212&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061671&bpp=1&bdt=217&idt=328&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=330
Frame ID: 89BDA9B0448A41355608078C0863DA1A
Requests: 14 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 82D27E0226B4359643C64B0BBDB064BF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: EF0494150A1B168E7AA85AF3A1E84695
Requests: 1 HTTP requests in this frame

Frame: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EAD2DA8E802990F2C7D38FD2EC3ED3D8
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 31AD5552D0F27BFFA8E7D61B5E8D7EE0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D84DDBD971C305DBA955B959EF5E20EC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: E4CD2F6663D9D4FCE405B235BCD911D4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: B7E59E5026F4F23FA583248F1A021263
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: DD3EE5200A3421842B4A0F1BA21A14CA
Requests: 1 HTTP requests in this frame

Frame: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90BB4192A732954679386AB7CBD49FA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIYrtfr7QEwAQ&v=APEucNXHxY8SgXn4Gat8un2e9QjMJXoBiWaUMQxJrUqRDZ9K_mWSakUxIKk4qLZty93EyJME8simlezyHuqcGg-UPQ8tBksjxm3GD8Tek9MkebCyJ1XBRV-J4ThG2k1N1faR9yVvvrsimNtxhivjhAsRRl30Pz8nb2-YDAUKzNRBt4aP1bxWX7BJ34EqqceUlGFJ4Rf_vUcU
Frame ID: 42232A1AF2D2B264E5F7C387032435A4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: DE88488C62F8F77F1D28141063C3BCAD
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67608D3A4F643A0C04E4ED4BDE525944
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C51F00367C65F9ADD9D15650B0B272B8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A4611126DD8211984643B5A5A86909FE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B9F49DD070B494ED6C62424612F99535
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
Frame ID: 37723E9BD316F2CFCD8BFF65408890D6
Requests: 18 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 33258A697528EFD0DB8D86FC91DACE93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Android MTK - How-to Guide, Firmware, Driver, and Tools

Page URL History Show full URLs

http://androidmtk.com/ HTTP 301
https://androidmtk.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

223
Requests

91 %
HTTPS

53 %
IPv6

44
Domains

69
Subdomains

57
IPs

9
Countries

2461 kB
Transfer

6502 kB
Size

32
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://follow.it/androidmtk

Search URL Search Domain Scan URL

URL: https://twitter.com/androidmtk

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://androidmtk.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://androidmtk.com/ HTTP 301
https://androidmtk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://oajs.openx.net/esp?url=https%3A%2F%2Fandroidmtk.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fandroidmtk.com%2F&rid=esp&cc=1

Request Chain 75

https://gum.criteo.com/sid/json?origin=publishertagids&domain=androidmtk.com&sn=ChromeSyncframe&so=0&topUrl=androidmtk.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AIwrB3xybDN0TllMVlYvbXlFRkZwRlFuZGxKUmNFVlk1U0ZUL3NMSHkyamczK2VweVBlaWtVRkFxMzBRanZYQTJZNjFRZnZWVXpRdmV5TzhOU0U0Sm9OenRTajBxVWFUZVdKNmdVeEtWbjZjRnpCaGZFbFh6MTUxc0JtMkd4QUI1bzFEOWIwUkRkT0QxOERaYkhQMzNhSGVzcXAyRUl2UEczYmRhcVVoMVAyKzRtUnpXcWlwbmF6WUVHWWZ4K0p3Rzl5aGV5WUJ4YlovN0VQU3JZY3pXTlg3UXZWWVIxMkVuUjdTVEhycnVyWmtPa05XdmxZVVVZQVo4aUx1Y0dVeUR0UFdRMDYrVzdZODJ3MytLcjVvbXJyS21SZVZJTXU5dFFrR29rTFN4SWZzYnFTTT18&cppv=2

Request Chain 95

https://googleads.g.doubleclick.net/pagead/adview?ai=CRmLnHlp0Zc2tAYi2gAej4LrYBLL7gdN0z97Nnt4Sm-nz_QgQASCTpv0NYJWCgIC0B6AB1u_7xCrIAQmoAwHIA8sEqgTbAU_QPgGfgZjIsbYZgoTgaMJYGj0vkb25f8HKpG_ZOFPc20yc1tjPqEubE8LL2d6wyn4rmTIo1SQk4JNJkFEq0wXVGY5uhoFA2g4WsPEk44DVTBB5-gED61Blap8C3T-L5MPUK3LjaVaFAwsfhwraebiVUQZ_1RhPZAki89kGguUS-nxWHFlVXK3Imzik9UcUvm0pf9isH19cuU8FiMGXtKWGPweTVK_ZPGaSxEcH_uZz5ZLDeGFJYrQ9cHpEghGoQdkQf-_df2NFaQ6vziujZNLJZhLuXWIOTF9P88AEkMTgxs8EiAWoh5_PTZIFBAgEGAGSBQQIBRgEoAYugAfWp8ykBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPPuC9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY3JzSoKqCgwOaCYkBaHR0cHM6Ly96aXBpemlwZXIuY29tL2Rvd25sb2FkMi5odG1sP2NhbXBhaWduX2lkPTIwODM1NzEzOTYwJmFkZ3JvdXBfaWQ9MTU4NzkzNzM2NzIwJnBsYWNlbWVudF9pZD1hbmRyb2lkbXRrLmNvbSZjcmVhdGl2ZV9pZD02ODM0ODkwMzI0NTaACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbEC2BMKiBQB0BUBgBcBshccChoIABIUcHViLTY3NzkzNTQzMDAwNzE4OTcYAA&sigh=f_kMDQN5c14&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNMrWA9d7wT7QJdbbBVPCd286zd0kFdDo_L440TUA_XBp_Ku9RXTgbXRNg44l6wYJi9mrSkaPMTZyYDCSkPOhHQzTn86gO9Am7exgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215250530560709685238%22,%22debug_reporting%22:true,%22destination%22:%22https://zipiziper.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211418925014%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212151765316849995345%22}&andc=true

Request Chain 137

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck8k0Hlp0Zbslq47H8A-p_J-IBrL7gdN0z97Nnt4Sm-nz_QgQASCTpv0NYJWCgIC0B6AB1u_7xCrIAQmoAwHIA8sEqgTdAU_Qy82JxPCIJzJbTZTjZm24iC01wOyM_JZsqrik80QpqaeYyNa4zX_82KGLLFqEDwQXrSyApykMiVednPpnowo5PTD4FRjwJU3tW_Kyo4qQcCRrAWAZgdDrfItP7G48uRZ_EKpYIwcFxjje6u4I7oQzy-_T2iNfB8lL7EIRUVyB0rKBC1sqxY8qRtagmaQ1h0JWMkfeVVfyHYsXUYRYNly9rrGd8-ohUjtVu5Wu6rlJLHRa4ZqbSrjBxX9OwanGp7OebgE-xeUT1RpyTB4Jz5-j9ougnaOJBS8wUUQmwASQxODGzwSIBaiHn89NkgUECAQYAZIFBAgFGASgBi6AB9anzKQFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQtdQn0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlifjtGgqoKDA5oJiQFodHRwczovL3ppcGl6aXBlci5jb20vZG93bmxvYWQyLmh0bWw_Y2FtcGFpZ25faWQ9MjA4MzU3MTM5NjAmYWRncm91cF9pZD0xNTg3OTM3MzY3MjAmcGxhY2VtZW50X2lkPWFuZHJvaWRtdGsuY29tJmNyZWF0aXZlX2lkPTY4MzQ4OTAzMjQ1NoAKAcgLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAtgTCogUAdAVAYAXAbIXHAoaCAASFHB1Yi02Nzc5MzU0MzAwMDcxODk3GAA&sigh=lhz3RV7_3-c&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNh6_iNcYTqxKRTtTPaWWmXN2L2653dPM2XEAbcxuYX6pZCv52BXFCh3xmsYGNJek8dNlmQBOMXybQKFIukoMcylxlg9D3KCwalBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226683540447029672372%22,%22debug_reporting%22:true,%22destination%22:%22https://zipiziper.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211418925014%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221294636093893819409%22}&andc=true

Request Chain 138

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHEoOsK-1LRAmf2ToBdv7gs&google_cver=1&google_push=AXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHEoOsK-1LRAmf2ToBdv7gs&google_cver=1&google_push=AXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 139

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHIXgWWTGXd0OrMalMgfuzQ&google_cver=1&google_push=AXcoOmQ8Samv_N2hw1j3FASacOf2IpXI_8rCPZSSbkpJWCkl8wR2RUsTlziVdcT64qTsC9_qn6J0_ECtdha4aSYziwMtFMggl8da HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ8Samv_N2hw1j3FASacOf2IpXI_8rCPZSSbkpJWCkl8wR2RUsTlziVdcT64qTsC9_qn6J0_ECtdha4aSYziwMtFMggl8da&google_hm=eS1nd3IuQnB0RTJwRXpETE1YYTdSaENLZjA0REZ2M2NaUX5B

Request Chain 140

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEO_K7rN3oR5BAHTqlsC5UkM&google_cver=1&google_push=AXcoOmTji6gmyuS1KpMm9Rdi6YFmAYXsf3yNfTA166kqQUxfVdLkIcK_GwfWKsTQUsZ6G6KmvFD5lR_URFakZzGrZmOy-HYFD7W7 HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEO_K7rN3oR5BAHTqlsC5UkM&google_push=AXcoOmTji6gmyuS1KpMm9Rdi6YFmAYXsf3yNfTA166kqQUxfVdLkIcK_GwfWKsTQUsZ6G6KmvFD5lR_URFakZzGrZmOy-HYFD7W7&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTji6gmyuS1KpMm9Rdi6YFmAYXsf3yNfTA166kqQUxfVdLkIcK_GwfWKsTQUsZ6G6KmvFD5lR_URFakZzGrZmOy-HYFD7W7&google_hm=eUZENmNHd1lMVzJwZVl6eGJlTjk=

Request Chain 141

https://cs.media.net/cksync?type=g&google_gid=CAESEAlzGuR0JVL9-JD2yfNjniE&google_cver=1&google_push=AXcoOmQ6mUbQ7yr2QUwHoChTjw6NShOuV2TG4Y5MtjNsya9i9nHoQk7e5iuuaaQkkJLrN4Puzl7Muz28fO67eB55LJalN8PoHtmm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1MTI1NjYyNzMxNzUyODAwMFYxMA%3d%3d&mn_hm=MzQ1MTI1NjYyNzMxNzUyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQ6mUbQ7yr2QUwHoChTjw6NShOuV2TG4Y5MtjNsya9i9nHoQk7e5iuuaaQkkJLrN4Puzl7Muz28fO67eB55LJalN8PoHtmm&gdpr=&gdpr_consent=

Request Chain 143

https://trace.mediago.io/cs/google?google_gid=CAESEG30z2Rd72Lwbf19W7yMSHw&google_cver=1&google_push=AXcoOmSnPbqTq_PRZvQ4rY0dJcpkRskFo1Zxu0C0fg5vJcO4zdOctpcxBk8JaHtSPXADZK7ovffYdPlrDfU532MyflB-9ziqSnTW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSnPbqTq_PRZvQ4rY0dJcpkRskFo1Zxu0C0fg5vJcO4zdOctpcxBk8JaHtSPXADZK7ovffYdPlrDfU532MyflB-9ziqSnTW&google_hm=81fa84b7097cb6321h7gnh00lpy0pwqh

Request Chain 144

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFiKbgu5jSRV7rlxwQ82J6E&google_cver=1&google_push=AXcoOmSqFTI563MidYbYK9meqPbm8hzqxZnas3l9Eg73eDHHSncD9qsvco54FAF0aPv8pWWPV1FNyNks143nO1cVIbXZD2NGWFBghg HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEFiKbgu5jSRV7rlxwQ82J6E%26google_cver%3D1%26google_push%3DAXcoOmSqFTI563MidYbYK9meqPbm8hzqxZnas3l9Eg73eDHHSncD9qsvco54FAF0aPv8pWWPV1FNyNks143nO1cVIbXZD2NGWFBghg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODY0NjkzMzc0MjMyMTk0NDc5MA%3D%3D&google_gid=CAESEFiKbgu5jSRV7rlxwQ82J6E&google_cver=1&google_push=AXcoOmSqFTI563MidYbYK9meqPbm8hzqxZnas3l9Eg73eDHHSncD9qsvco54FAF0aPv8pWWPV1FNyNks143nO1cVIbXZD2NGWFBghg

Request Chain 147

https://googleads.g.doubleclick.net/pagead/adview?ai=CGzLYHlp0ZZWfAYGIgAfSpbKgBLL7gdN0z97Nnt4Sm-nz_QgQASCTpv0NYJWCgIC0B6AB1u_7xCrIAQmoAwHIA8sEqgTbAU_QtjOW8S-MXrAKbi6AzjKCFWtflD710Gn7IKp7HE3PDEwGGcYCca3h3xKVuGIKPfRfZmKkNOWf5J2sJvwN7ZHqe5p9cedF6D8MkD6LFBH-XSg4JD-arMIclNccueuSzWN2m8kdVSCTf0Szg74fAejqYgi5_UtFRA5CUElpECQeiCotlK2vqZQbb2VjF_3Omm3sHfyCr8y1_P3IKMKKMGCuDa8qx3KmPlz8crCj3TNNtGbJV3fisklPX4jrtMKw_75ZgmP5fSNbFGYjCyYE1o4gpY3KMDr2x7imZsAEkMTgxs8EiAWoh5_PTZIFBAgEGAGSBQQIBRgEoAYugAfWp8ykBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEP7bStIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY4IbSoKqCgwOaCYkBaHR0cHM6Ly96aXBpemlwZXIuY29tL2Rvd25sb2FkMi5odG1sP2NhbXBhaWduX2lkPTIwODM1NzEzOTYwJmFkZ3JvdXBfaWQ9MTU4NzkzNzM2NzIwJnBsYWNlbWVudF9pZD1hbmRyb2lkbXRrLmNvbSZjcmVhdGl2ZV9pZD02ODM0ODkwMzI0NTaACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2BMKiBQB0BUBgBcBshccChoIABIUcHViLTY3NzkzNTQzMDAwNzE4OTcYAA&sigh=Ks-VoLJXx3M&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNVBVIHGVmW5HaGn4Y2TMpZlGX8FNKiI93l8N_nL6hnAY179OEgTic37lg-p4PM9OGZYECVOq5mLsTYpmvqainhBzfqqfsYsh70BgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211550181125895497593%22,%22debug_reporting%22:true,%22destination%22:%22https://zipiziper.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211418925014%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215742430573798424737%22}&andc=true

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1&C=1

Request Chain 171

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXRaH--ipZfZrQwBl8D3pAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDtoSswtpPTrfH4eTmGNSHc&google_cver=1

Request Chain 173

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY0NjkzMzc0MjMyMTk0NDc5MA%3D%3D

Request Chain 185

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHOSwrxADgP_wW1JcRIiNQ8&google_cver=1&google_push=AXcoOmQivfVfSr8mcy8OSFdUV9cLDpM0L38DEyhR_26Jzsu_qhlKxoDXDP84Vj0-XrQ6VhYxydUEoe6dNzva1JR3xT4om42sXsc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk4NjIxMTI4NjkwNzcwNDM0Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHOSwrxADgP_wW1JcRIiNQ8&google_cver=1

Request Chain 186

https://d5p.de17a.com/cookies/google?google_gid=CAESEFNIu6HtGqolh7jiGgQXJos&google_cver=1&google_push=AXcoOmQGE-7R-E6efyecJhihEsRB_peS2sANcRICiWYdSvLeV3tx7zaE9biA5q1usYRGcM8X2C7IvxeIbWR-uv1QHo6WYi0xNP1t HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFNIu6HtGqolh7jiGgQXJos&google_cver=1&google_push=AXcoOmQGE-7R-E6efyecJhihEsRB_peS2sANcRICiWYdSvLeV3tx7zaE9biA5q1usYRGcM8X2C7IvxeIbWR-uv1QHo6WYi0xNP1t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQGE-7R-E6efyecJhihEsRB_peS2sANcRICiWYdSvLeV3tx7zaE9biA5q1usYRGcM8X2C7IvxeIbWR-uv1QHo6WYi0xNP1t

Request Chain 187

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRglbyw1ZX6xl_N6mzMr1VC2-_7o7-L5R5VZSIOorh0xVWzL5jb1-nRdCdACFnPf5E019CTWceXq_99mwIt6gOihqgBvts-&google_gid=CAESECp-p4NHZTBtWedtwU-2lfc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-ZFQ99OTFu-_x5GfDLISfpQWKPph0yO1pFgzDYg&google_push=AXcoOmRglbyw1ZX6xl_N6mzMr1VC2-_7o7-L5R5VZSIOorh0xVWzL5jb1-nRdCdACFnPf5E019CTWceXq_99mwIt6gOihqgBvts-

Request Chain 190

https://an.yandex.ru/mapuid/google/CAESEH0uaev0TqyEJTaiNUt_X-s?ext-param=AXcoOmRvo-uIDL1OLodZU_4f7RJ95HkL3aIrDMJIlc2sxTHb0DoaTTdoR23wu9MNnjjI7cImslwOL0NFpFw-kp_YIct8ivvk6wLjmg&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEH0uaev0TqyEJTaiNUt_X-s?redir-setuniq=1&ext-param=AXcoOmRvo-uIDL1OLodZU_4f7RJ95HkL3aIrDMJIlc2sxTHb0DoaTTdoR23wu9MNnjjI7cImslwOL0NFpFw-kp_YIct8ivvk6wLjmg&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEH0uaev0TqyEJTaiNUt_X-s&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 194

https://jpmcbankna.demdex.net/event?d_event=imp&d_src=441384&d_site=8504253&d_creative=193268044&d_placement=368994727&d_campaign=30127422&d_bust=2881121225 HTTP 302
https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193268044&d_placement=368994727&d_campaign=30127422&d_bust=2881121225

Request Chain 217

https://fw.adsafeprotected.com/rfw/st/1520186/71964881/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20287343715&bidurl=https://androidmtk.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gGw-g-PYKomRSreE1RmkfC&adsafe_url=https%3A%2F%2Fandroidmtk.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fandroidmtk.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:496c327c-9fb0-d0bd-88bf-80062268a3b9,c:wiXKch,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-wvrtn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:135,mot:0,app:0,maw:0,fm:tXWz6CK+11%7C12%7C13%7C14%7C151%7C161%7C171%7C18%7C1911%7C1912%7C1a1*.1520186-71964881%7C1a11%7C1a12%7C1a13%7C1a14%7C1b%7C1c,idMap:1a1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:152,oid:7d20bfb0-968c-11ee-bd70-46c07d87b9a4,v:19.8.464,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

223 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
androidmtk.com/
Redirect Chain

http://androidmtk.com/
https://androidmtk.com/

72 KB
19 KB

44ms
19ms

Document
text/html

192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

1c7c4aaec4a85d283b91782044ba449a59cbe4a0d3840a408831d57b6d4053de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 12:14:21 GMT
last-modified: Sat, 09 Dec 2023 02:47:19 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-sucuri-cache: HIT
x-sucuri-id: 15019
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 09 Dec 2023 12:14:21 GMT
Location: https://androidmtk.com/
Server: Sucuri/Cloudproxy
X-Sucuri-ID: 15019

GET
H2 200 inter-latin-ext.woff2
cdn.androidmtk.com/font/ 78 KB
79 KB 154ms
72ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.androidmtk.com/font/inter-latin-ext.woff2

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://androidmtk.com/
Origin: https://androidmtk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1080
x-sucuri-cache: MISS
cdn-cachedat: 11/09/2023 11:10:20
cdn-pullzone: 1230295
content-length: 79940
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 09 Nov 2023 10:51:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "654cb9b6-13844"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 82e0a0a0b229b724bda4e634f7b822fb
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://androidmtk.com/font/inter-latin-ext.woff2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 inter-latin.woff2
cdn.androidmtk.com/font/ 46 KB
47 KB 153ms
72ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.androidmtk.com/font/inter-latin.woff2

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://androidmtk.com/
Origin: https://androidmtk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1082
x-sucuri-cache: MISS
cdn-cachedat: 11/22/2023 13:49:04
cdn-pullzone: 1230295
content-length: 46704
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 09 Nov 2023 10:51:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "654cb9b6-b670"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 430265a7cf6b4f9d9b8759da0100e814
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://androidmtk.com/font/inter-latin.woff2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 80ms
36ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49440195-1

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

259c41511ed9f9f48c946c13ee0252232c271ccfde7e304d84495c66d60fe386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 12:14:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 111ms
66ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6779354300071897

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecf77f3066349a900d6846e1a3db74b84a0af0014f947c240ee2d55759fbb6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Origin: https://androidmtk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52033
x-xss-protection: 0
server: cafe
etag: 17704499882447567671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:14:21 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 10 KB
5 KB 125ms
86ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/up.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9b634128345caa20a2aa0e4805a38594c244a0afec1628170274466e84af5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HH0D30GEAE90WMEFGBN1ZBCC
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 935
cf-polished: origSize=10288
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ebe02ba20d7c2f6799d21b06f6e858ec-ssl-df"
cache-status: "Netlify Edge"; fwd=miss
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 832d2ad86ee09c0d-FRA
link: <https://live.demand.supply/impl.v17.24.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/YW5kcm9pZG10ay5jb20v>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 infinix-fi-100x75.png
cdn.androidmtk.com/wp-content/uploads/ 3 KB
3 KB 113ms
42ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/infinix-fi-100x75.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

9c741b415dc834b1d2db74572c007d6f3f9f796fb729ad39984a86af98839561

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1082
x-sucuri-cache: MISS
cdn-cachedat: 07/07/2023 03:12:53
cdn-pullzone: 1230295
content-length: 2662
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 17 Feb 2022 09:57:20 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "620e1c00-a66"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 7680f7d59d6029a764f6b5e2d86d8622
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/infinix-fi-100x75.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 samsung-bk-100x75.png
cdn.androidmtk.com/wp-content/uploads/ 2 KB
3 KB 129ms
59ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/samsung-bk-100x75.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

d4cbd23e676af725606e4b7315ba69305b60d19b55f3cf80c1fb2af27b439945

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1081
x-sucuri-cache: MISS
cdn-cachedat: 07/07/2023 02:15:29
cdn-pullzone: 1230295
content-length: 2552
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 13 Jan 2022 04:28:58 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "61dfaa8a-9f8"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 9eef2c03bf62003961d05675d1847051
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/samsung-bk-100x75.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 thor-flash-utility-fi-100x72.png
cdn.androidmtk.com/wp-content/uploads/2023/12/ 5 KB
5 KB 112ms
42ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/12/thor-flash-utility-fi-100x72.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

ab8e7bc51bf9df43a94c40ee45f2d841858f26d3a256128e58caab49297748d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1081
x-sucuri-cache: MISS
cdn-cachedat: 12/01/2023 03:39:46
cdn-pullzone: 1230295
content-length: 4852
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 30 Nov 2023 17:15:08 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6568c31c-12f4"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: c18f7d0eaec3ce42a1bdf7365d745533
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/12/thor-flash-utility-fi-100x72.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8db73f93748b2f7f1108a601933d768f9821956e529af6ee30fd3c553077b6cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 478 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1263b8480255c6ba085d4941071d96b9c18fa5cd1dd98478ace96e050294ef3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 939a77e51b49b4a03c7ccc745b80804dc97a0543f2d16de724bca82e4e4974fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 inter-latin-wght-normal.woff2
cdn.androidmtk.com/font/ 46 KB
47 KB 88ms
55ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.androidmtk.com/font/inter-latin-wght-normal.woff2

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://androidmtk.com/
Origin: https://androidmtk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1080
x-sucuri-cache: MISS
cdn-cachedat: 11/15/2023 08:04:36
cdn-pullzone: 1230295
content-length: 46704
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 15 Nov 2023 08:02:28 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "65547b14-b670"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 2ac298e0c1409b85519dccf709ce2b23
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://androidmtk.com/font/inter-latin-wght-normal.woff2>; rel="canonical"
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 934da88d6589b40680733463328dc6a694f48db07e1b8dd50f09f94ff6efd81f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 thor-flash-utility-fi.png
cdn.androidmtk.com/wp-content/uploads/2023/12/ 7 KB
8 KB 80ms
31ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/12/thor-flash-utility-fi.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

ff2ebb5416fc267091cf33b038eadae2f4c0aaa5f8b06c8410414e79d40a5a10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1080
x-sucuri-cache: MISS
cdn-cachedat: 12/01/2023 03:39:47
cdn-pullzone: 1230295
content-length: 7397
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 30 Nov 2023 17:15:07 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6568c31b-1ce5"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 057d2431b7e89000ac7b70f156b2bfb2
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/12/thor-flash-utility-fi.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 azerokit-fi.png
cdn.androidmtk.com/wp-content/uploads/2023/11/ 4 KB
5 KB 87ms
39ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/11/azerokit-fi.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

078606c18353237e7225d356ee99be69817953625784361480e500906341ffe5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1082
x-sucuri-cache: MISS
cdn-cachedat: 11/30/2023 03:38:42
cdn-pullzone: 1230295
content-length: 3915
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 29 Nov 2023 21:05:54 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6567a7b2-f4b"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 70c833f76fa44e157de680725d78c71c
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/11/azerokit-fi.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 mtk-easy-su-fi.png
cdn.androidmtk.com/wp-content/uploads/2023/11/ 9 KB
10 KB 103ms
55ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/11/mtk-easy-su-fi.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

eac9d64d880c2d41221d5902e61ba6471d1b120fee332967470911da1279958c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1080
x-sucuri-cache: MISS
cdn-cachedat: 11/29/2023 03:31:37
cdn-pullzone: 1230295
content-length: 9480
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 28 Nov 2023 19:33:27 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "65664087-2508"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 13c2b97bcd00673b499c631f8c33880c
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/11/mtk-easy-su-fi.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 kernelsu.png
cdn.androidmtk.com/wp-content/uploads/2023/11/ 308 B
1 KB 108ms
60ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/11/kernelsu.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

9a430aec99ce867275e14de9a553dbaa8bbf7a84d371a09e49811bac89cec504

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1082
x-sucuri-cache: MISS
cdn-cachedat: 11/28/2023 03:35:15
cdn-pullzone: 1230295
content-length: 308
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 27 Nov 2023 07:27:01 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "656444c5-134"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: f41914ad90af1142404e51be01c8a35e
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/11/kernelsu.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 crb-android-kitchen-fi.png
cdn.androidmtk.com/wp-content/uploads/2023/11/ 3 KB
3 KB 73ms
25ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/11/crb-android-kitchen-fi.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

6aa17d5b5ba408fb8ae8b688c51769e1d55f87d200c11e9e24ca845b7804eab2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1081
x-sucuri-cache: MISS
cdn-cachedat: 11/26/2023 03:32:27
cdn-pullzone: 1230295
content-length: 2625
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 25 Nov 2023 09:09:20 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6561b9c0-a41"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 3d4aec79ca2f60c3d500ca483346df15
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/11/crb-android-kitchen-fi.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 azerokit-fi-100x72.png
cdn.androidmtk.com/wp-content/uploads/2023/11/ 2 KB
3 KB 42ms
17ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/11/azerokit-fi-100x72.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

e6ec20f1cef50a96d5038422163d53fff6b668609f5b5c2e767b736c9b93c387

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1082
x-sucuri-cache: MISS
cdn-cachedat: 11/30/2023 03:38:41
cdn-pullzone: 1230295
content-length: 2096
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 29 Nov 2023 21:05:54 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6567a7b2-830"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: ebf82ebd862cd8dbee070699f4418e9c
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/11/azerokit-fi-100x72.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 mtk-easy-su-fi-100x72.png
cdn.androidmtk.com/wp-content/uploads/2023/11/ 4 KB
4 KB 41ms
16ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/11/mtk-easy-su-fi-100x72.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

166b58e72e03d4ab55d09650b70b5b064ed2b76d0c763ed05befd52cf41390b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1081
x-sucuri-cache: MISS
cdn-cachedat: 11/29/2023 03:37:11
cdn-pullzone: 1230295
content-length: 3769
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 28 Nov 2023 19:33:27 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "65664087-eb9"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 4cc3b9ab9b966dc392fd228ea584002e
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/11/mtk-easy-su-fi-100x72.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 kernelsu-100x72.png
cdn.androidmtk.com/wp-content/uploads/2023/11/ 453 B
1 KB 34ms
16ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/11/kernelsu-100x72.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

fcc10636da52fb9f046628f50dfab4d3907391b5700685666a995ac4e41f7925

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1081
x-sucuri-cache: MISS
cdn-cachedat: 11/28/2023 03:36:53
cdn-pullzone: 1230295
content-length: 453
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 27 Nov 2023 07:27:01 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "656444c5-1c5"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 1b9cba6e327ce46f6e745d04f4899320
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/11/kernelsu-100x72.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 itel-fi-100x75.png
cdn.androidmtk.com/wp-content/uploads/ 2 KB
3 KB 44ms
27ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/itel-fi-100x75.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

c5a5785c019eb0c495de22e9d18577113f12810a081efdf9e232147240bb7ea6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1080
x-sucuri-cache: MISS
cdn-cachedat: 07/07/2023 03:25:48
cdn-pullzone: 1230295
content-length: 1943
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 18 Feb 2022 12:13:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "620f8d6e-797"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 7c3233220c92c1e4de2c99ce811fa8f6
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/itel-fi-100x75.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 crb-android-kitchen-fi-100x72.png
cdn.androidmtk.com/wp-content/uploads/2023/11/ 2 KB
3 KB 35ms
18ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/11/crb-android-kitchen-fi-100x72.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

e67dc4d4d8c78146bf82fe896ece23721715bca0fc64f21896f42b91bdbaec5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1080
x-sucuri-cache: MISS
cdn-cachedat: 11/26/2023 03:46:55
cdn-pullzone: 1230295
content-length: 1982
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 25 Nov 2023 09:09:20 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6561b9c0-7be"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 53d089c583363e863c384995b24f5bc3
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/11/crb-android-kitchen-fi-100x72.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tecno-fi-100x75.png
cdn.androidmtk.com/wp-content/uploads/ 1 KB
2 KB 35ms
18ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/tecno-fi-100x75.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

586ffd56681549462c55a051eb4b1579ed16c49f7d7d7281818b0aec9c1ffa38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1082
x-sucuri-cache: MISS
cdn-cachedat: 07/07/2023 03:12:53
cdn-pullzone: 1230295
content-length: 1348
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 18 Feb 2022 15:05:29 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "620fb5b9-544"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: eeb89edb9533aca5df8959fdddc80335
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/tecno-fi-100x75.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 supersu-fi-100x72.png
cdn.androidmtk.com/wp-content/uploads/2023/11/ 3 KB
4 KB 50ms
34ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.androidmtk.com/wp-content/uploads/2023/11/supersu-fi-100x72.png

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

e01d8df5c11c198ea411a508c29886673a35cdc669031d6672e196cd4d850706

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Sat, 09 Dec 2023 12:14:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 1081
x-sucuri-cache: MISS
cdn-cachedat: 11/24/2023 03:30:36
cdn-pullzone: 1230295
content-length: 2978
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 22 Nov 2023 21:33:01 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "655e738d-ba2"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 038bc829-ded7-47a0-9277-75b358e7bffb
cache-control: max-age=315360000
x-sucuri-id: 15019
cdn-requestid: 14ee7a11e4320c9c23f36ba1358d2486
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://androidmtk.com/wp-content/uploads/2023/11/supersu-fi-100x72.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 impl.v17.24.0.js Show response
live.demand.supply/ 86 KB
28 KB 43ms
17ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/impl.v17.24.0.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8127d6dfb7da3bc1eb3b7ebc9feba37089d8a0d9b45c69fd71e1490fb091d9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HH0CAFCJ3B652PWFANZN4T5Y
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
age: 230290
cf-polished: origSize=88264
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"92d047beda3bde91ddc99a3dc5b31b77-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 832d2ad91f9b9c0d-FRA

GET
H2 200 YW5kcm9pZG10ay5jb20v Show response
live.demand.supply/p4/v17-24-0/ 2 KB
840 B 129ms
106ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-24-0/YW5kcm9pZG10ay5jb20v
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c2b3661cbab14bf2f65169b8a1a7d76bbed9d87137e3e04a0e3447b2171152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 832d2ad91f9c9c0d-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 112ms
95ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?e=ll&d=128&cs=c&dsReferer=YW5kcm9pZG10ay5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGATW477KW1RVN2F109RRJ91
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 347431
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 832d2ad91e5b4d50-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 104ms
67ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1820e7494ef64b6c9e882871c0766fe4439592c8b4f2f27a7467121af10d5511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30315
x-xss-protection: 0
server: cafe
etag: 640 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:14:21 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
586 B 125ms
111ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/ds.2.html

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HDF961T5QZKDCW8581FK8SD3
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2284907
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 832d2ad91e5d4d50-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 270 KB
66 KB 84ms
29ms Script
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:16:49 GMT
content-encoding: gzip
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 22:47:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, PRG50-C1
age: 3453
x-amz-server-side-encryption: AES256
etag: W/"aaba284d2b2910b9a4f56befae1e2e69"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Suhy3ijl6VI7czESUtvfZH3kUReiQ7pYOSfdkKyBq-MTbpXvGe8acQ==

GET
H3 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 35ms
23ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/uamp.1.json?&dsReferer=YW5kcm9pZG10ay5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HEQ5DANK2ZW3MC0YTXG5VB5Q
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1764089
etag: W/"014d98c5f11fc8a6b5790e876e366c50-ssl-df"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 832d2ad91e5e4d50-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YSN850P8DS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49440195-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae03fcca3cd509d77368377c524decfa506278185a38be4b03b9ce057024ed11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 12:14:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
14ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49440195-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 11:39:15 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2106
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Dec 2023 13:39:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 128ms
100ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6779354300071897&plah=androidmtk.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6779354300071897

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae0d8e86e70bf00937399b1ebc3df4936e41aca55e4dcd63f0333ccfe9bdbded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137717
x-xss-protection: 0
server: cafe
etag: 9102236853986569638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:14:21 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 692A 9 KB
4 KB 53ms
13ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6779354300071897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 19:15:44 GMT
etag: 5585625838579639069
expires: Fri, 22 Dec 2023 19:15:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
483 B 21ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/x/e.js?ce=fs&dsReferer=YW5kcm9pZG10ay5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HEWCDEFVXKMQDGGAWZ0FA3ZV
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 979047
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "901b70ae40b5b064aef6259e869a717e-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 832d2ad99ebf4d50-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 52ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YSN850P8DS&gtm=45je3bt0v9119078127&_p=1702124061500&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1012766198.1702124062&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702124061&sct=1&seg=0&dl=https%3A%2F%2Fandroidmtk.com%2F&dt=Android%20MTK%20-%20How-to%20Guide%2C%20Firmware%2C%20Driver%2C%20and%20Tools&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=352
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YSN850P8DS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 66ef05f7-ad53-48f6-873a-ac7543370392 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
814 B 80ms
26ms Script
application/javascript 65.9.95.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-83.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8ce566978c1b87f5865517a8b81b537110c2ce82f2fb7301eff12bbdc7274ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:17:51 GMT
via: 1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
age: 3390
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: CMWNr1MJ-0LbB_jhQ3WglHvmTt08ZZOkRku9SMHbVU_8ElwoUqOTVQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 40ms
39ms XHR
application/json 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fandroidmtk.com&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: Server /
Resource Hash: ce9ea19684649109b2f96f68959eb825a59c0d45434dde55c34d5a1ce5aef0d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:46:01 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
age: 19699
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://androidmtk.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2198
x-amz-cf-id: fA0VFS7vR9gk7ifGv8XCACV605SvLR6ymjdQO4gdZS23HhAc-nqgsg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 80ms
28ms XHR
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 91afcef6d5c7e90d0a4bb2c3a456c690.cloudfront.net (CloudFront)
date: Sat, 09 Dec 2023 04:41:03 GMT
x-amz-cf-pop: PRG50-C1
age: 27199
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: npB6hiy5N7b5_cUe14wcV2w_LDEOw70E7a0rEMWsNSANndQ00GZKiA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 18ms
17ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1705774830&t=pageview&_s=1&dl=https%3A%2F%2Fandroidmtk.com%2F&ul=en-us&de=UTF-8&dt=Android%20MTK%20-%20How-to%20Guide%2C%20Firmware%2C%20Driver%2C%20and%20Tools&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1358706188&gjid=1480097498&cid=1012766198.1702124062&tid=UA-49440195-1&_gid=971171812.1702124062&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=903536425

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 84ms
55ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fandroidmtk.com%2F&pid=emZCH1obgouiD&cb=0&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22androidmtk.com_auto_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: KRTP0GHVGGZGPDTASPXX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://androidmtk.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: M39xul8_O8LBy1_gGbAwab9nP93mCCj-BiSmwKtkc1k_n0_VOvxqbQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 432 KB
135 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56683
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138293
x-xss-protection: 0
server: cafe
etag: 11350998454379829730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:29:38 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 43ms
7ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 09 Dec 2023 12:29:21 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 88ms
23ms Script
text/javascript 65.9.95.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-100.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:52:33 GMT
content-encoding: gzip
via: 1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 37309
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: tCJIsASHbcS5pE2c-lWbRjMfj6_imH9tE0tsSKw4o2xD9VFeZw8nTg==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 61ms
30ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fandroidmtk.com%2F&ref=&_it=amazon&partner_id=575
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CADRK6PEVBEZB5
age: 5656
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 832d2ada6a8137f1-FRA
x-amz-id-2: flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 51ms
21ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: AP83Z9WF86487CE4
age: 1158
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 832d2ada6fa41e49-FRA
x-amz-id-2: Kf/JkumjpxQ0H8qSS0a6UOJRUJwGlJJVqYA1mzPdZkGWQg/fvg52A50YxtNa6/OFpxRSQOY+jCk=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 65ms
20ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-49440195-1&cid=1012766198.1702124062&jid=1358706188&gjid=1480097498&_gid=971171812.1702124062&_u=YADAAUAAAAAAACAAI~&z=372160062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 09 Dec 2023 12:14:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=androidmtk.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=YW5kcm9pZG10ay5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGATW477KW1RVN2F109RRJ91
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 347431
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 832d2ada980a4d50-FRA

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 55ms
17ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 27095
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 832d2adaf80265b2-FRA
expires: Tue, 12 Dec 2023 12:14:21 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 50ms
15ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:28:48 GMT
content-encoding: gzip
age: 2040333
x-guploader-uploadid: ABPtcPorK7SdOx9D0-XbxZI-ucFoefeNDDoBI41rnJAKBKLzpPyd_Ilsabixqvym6_79HuCGK2OQIo2s49jtCyg8m0eHLqvG-9Ou
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:28:48 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 56ms
25ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 12:14:21 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 98ms
23ms Script
application/javascript 2600:9000:2127:6200:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6200:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:45:58 GMT
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: PRG50-C1
age: 1703
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: UyDYZzd9W2VSeaRjwjQdGuYwKLtCB_uBwZ3b_4F_DQ4moGevXX4iXA==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 48ms
17ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22456
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BBkX%2FrOW6y%2F9H3wfcnVS9BrjprD2eKPPOX0XjXpOqqt3U4twprZxCuAaIg%2FcQDcb1JhhkMz%2FVgBEFSU%2B7q16WHq8HTsn0MseJsejZQbXPzNBNm4nBjI4DMjn%2BQ1dxY25FI6guv8exlZpO6rqp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 832d2adaeb111915-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 21ms
20ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: FANESDDW9B9E9DSA
age: 772
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 832d2adab8181e49-FRA
x-amz-id-2: 3/X8tH8E5rO8cGeSb+lNhU+ULwy45NMG2aWlCk5dk6b5qqPhSq/HFmIcDoU2bo2DgxRunmOxmgUfKwp80TBIyA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 63ms
26ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:21 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 4d590341d8348e447902f99bb09642fc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 89ms
25ms Script
text/javascript 2600:9000:2127:5600:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:5600:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sat, 09 Dec 2023 06:24:16 GMT
Via: 1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
Age: 21006
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: hsnD0aMrz2CLn4OWe4q6BHHstIknBEoe4ZRxjW8N4V_xHVnTaICLEg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 24ms
23ms Script
text/javascript 65.9.95.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-100.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:16:06 GMT
content-encoding: gzip
via: 1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 28696
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: TZSBkMsqOaP4-T2njbQJepOo1TkAldgVA6pKGypA7KBl2GMvzyZH_A==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
655 B 380ms
380ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124438057950018&correlator=3279221738941617&eid=31079827%2C44807690&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2Ce4ef2c3b-12a2-4a63-a037-36c565c370e6&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702124061866&lmt=1702090039&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fandroidmtk.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRimiYD0xDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiniYD0xDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKaJgPTEMUgAUgIIZBIZCgpwdWJjaWQub3JnGKaJgPTEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRimiYD0xDFIAFICCGQSFwoIcnRiaG91c2UYp4mA9MQxSABSAghkEhQKBW9wZW54GKaJgPTEMUgAUgIIZBIZCgp1aWRhcGkuY29tGKeJgPTEMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yp4mA9MQxSABSAghk&dlt=1702124061454&idt=383&prev_scp=ti%3Da0cd3a19-27a2-4678-93dc-958c8c09fa4e%26interstitials-bid%3D13%26bid-p%3Dgoogle%26bsc%3D91&cust_params=amznbid%3D1%26amznp%3D1&adks=2633319445&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f90bb76e91d54af973fc49fe886434955aa41bddf64be9df64bfcdbdd79ce0c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 624
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6874 6 KB
3 KB 74ms
22ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:21 GMT
expires: Sun, 08 Dec 2024 12:14:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 39 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11853
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13834
x-xss-protection: 0
server: cafe
etag: 17155732702192029938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 08:56:48 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 818 B
412 B 526ms
526ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124438057950018&correlator=132977519523596&eid=31079827%2C44807690&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2Ca9ff475a-cdfa-46c6-9f4e-3ca73650f983&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702124061889&lmt=1702090039&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fandroidmtk.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRimiYD0xDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiniYD0xDFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKaJgPTEMUgAUgIIZBIZCgpwdWJjaWQub3JnGKaJgPTEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRimiYD0xDFIAFICCGQSFwoIcnRiaG91c2UYp4mA9MQxSABSAghkEhQKBW9wZW54GKaJgPTEMUgAUgIIZBIZCgp1aWRhcGkuY29tGKeJgPTEMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yp4mA9MQxSABSAghk&dlt=1702124061454&idt=383&prev_scp=ti%3Da0cd3a19-27a2-4678-93dc-958c8c09fa4e%26interstitials-bid%3D0.4%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D91&adks=3325798333&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dfed722b6c03ef1546cc7e60cdbd7597ca3597a135439dacf4abdb1f1f3d39c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 381
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 99 B
288 B 115ms
115ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=575&sync=0&domain=androidmtk.com&url=https://androidmtk.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fandroidmtk.com%2F&ref=&_it=amazon&partner_id=575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bc684c2c8990df79ea3e27cc4bb5be98d6e40747b29cde77dfb28c6c6dc94c2

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 832d2adbda2c037c-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 144ms
107ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=575&sync=0&domain=androidmtk.com&url=https://androidmtk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://androidmtk.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 832d2adb3976037c-FRA
content-length: 0
content-type: application/json
date: Sat, 09 Dec 2023 12:14:22 GMT
debug: OPTIONS block
expires: Sun, 08 Dec 2024 12:14:22 GMT
server: cloudflare

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 114ms
35ms XHR
application/json 52.212.5.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-5-247.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1b93f9d24a224217e1780c770f5bcbb411934d29c38eedfc988a8000d0315ff2

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache
x-server: 10.45.31.196
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 38ms
9ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://androidmtk.com
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 101ms
34ms XHR
application/json 52.212.5.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-5-247.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 83b2f480760f49e79ecc1bc0d2c702485710e48546b0138adfb4cd1938ab5916

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache
x-server: 10.45.20.47
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C150 5 KB
941 B 81ms
80ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&adk=1812271804&adf=3025194257&lmt=1702090039&plaf=7%3A2&plat=1%3A64%2C2%3A64%2C3%3A128%2C4%3A128%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061666&bpp=3&bdt=212&idt=283&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=704393100394&frm=20&pv=2&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=297

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6779354300071897&plah=androidmtk.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6aa3f4d92264192f442ec988a659128ff0cada54006c7bbe051f1644c3c06e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 741
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:22 GMT
expires: Sat, 09 Dec 2023 12:14:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fandroidmtk.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fandroidmtk.com%2F&rid=esp&cc=1

85 B
194 B

117ms
116ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fandroidmtk.com%2F&rid=esp&cc=1
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c5b25f85c97eeddaac406113b7c369d0e4a98baa02fef7b6a66e041af389385b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ukmCx2kF0BCGXbiuTwQawEKKFZA"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://androidmtk.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 09 Dec 2023 12:14:22 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://androidmtk.com
location: /esp?url=https%3A%2F%2Fandroidmtk.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 003A 15 KB
6 KB 51ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=androidmtk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 331568
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F468 129 KB
43 KB 671ms
671ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=90&slotname=7692023780&adk=519304273&adf=2737169300&pi=t.ma~as.7692023780&w=728&lmt=1702090039&rafmt=12&format=728x90&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061669&bpp=1&bdt=215&idt=308&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02c909028d54c99ae21aca9a75a6a98f950c00d67f367d052adea83ae5d70371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43478
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:22 GMT
expires: Sat, 09 Dec 2023 12:14:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 277D 118 KB
40 KB 741ms
741ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f95c3c9ac7d60cf4b9988776e5a25ee51a9391ac51d0cc5bc8dae1f0ea0029c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40530
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:22 GMT
expires: Sat, 09 Dec 2023 12:14:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 89BD 118 KB
40 KB 374ms
374ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=3959209433&adf=945246212&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061671&bpp=1&bdt=217&idt=328&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ad48f9b579ec55aa5e267c3a8b6a445c73ba918c92cde9e29e03a2bf67a008c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40499
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:22 GMT
expires: Sat, 09 Dec 2023 12:14:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
202 B 41ms
12ms XHR
application/json 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fandroidmtk.com%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://androidmtk.com
content-type: application/json
access-control-allow-credentials: true

GET
H2

200

sid Show response
mug.criteo.com/ Frame 003A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=androidmtk.com&sn=ChromeSyncframe&so=0&topUrl=androidmtk.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=AIwrB3xybDN0TllMVlYvbXlFRkZwRlFuZGxKUmNFVlk1U0ZUL3NMSHkyamczK2VweVBlaWtVRkFxMzBRanZYQTJZNjFRZnZWVXpRdmV5TzhOU0U0Sm9OenRTajBxVWFUZVdKNmdVeEtWbjZjRnpCaGZFbFh6MTUxc0JtMk...

441 B
653 B

17ms
16ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AIwrB3xybDN0TllMVlYvbXlFRkZwRlFuZGxKUmNFVlk1U0ZUL3NMSHkyamczK2VweVBlaWtVRkFxMzBRanZYQTJZNjFRZnZWVXpRdmV5TzhOU0U0Sm9OenRTajBxVWFUZVdKNmdVeEtWbjZjRnpCaGZFbFh6MTUxc0JtMkd4QUI1bzFEOWIwUkRkT0QxOERaYkhQMzNhSGVzcXAyRUl2UEczYmRhcVVoMVAyKzRtUnpXcWlwbmF6WUVHWWZ4K0p3Rzl5aGV5WUJ4YlovN0VQU3JZY3pXTlg3UXZWWVIxMkVuUjdTVEhycnVyWmtPa05XdmxZVVVZQVo4aUx1Y0dVeUR0UFdRMDYrVzdZODJ3MytLcjVvbXJyS21SZVZJTXU5dFFrR29rTFN4SWZzYnFTTT18&cppv=2

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f1f7b98294905bd203318708c3c2e988e2db04d81d9df94ee0b25c96e7923e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1365720
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=AIwrB3xybDN0TllMVlYvbXlFRkZwRlFuZGxKUmNFVlk1U0ZUL3NMSHkyamczK2VweVBlaWtVRkFxMzBRanZYQTJZNjFRZnZWVXpRdmV5TzhOU0U0Sm9OenRTajBxVWFUZVdKNmdVeEtWbjZjRnpCaGZFbFh6MTUxc0JtMkd4QUI1bzFEOWIwUkRkT0QxOERaYkhQMzNhSGVzcXAyRUl2UEczYmRhcVVoMVAyKzRtUnpXcWlwbmF6WUVHWWZ4K0p3Rzl5aGV5WUJ4YlovN0VQU3JZY3pXTlg3UXZWWVIxMkVuUjdTVEhycnVyWmtPa05XdmxZVVVZQVo4aUx1Y0dVeUR0UFdRMDYrVzdZODJ3MytLcjVvbXJyS21SZVZJTXU5dFFrR29rTFN4SWZzYnFTTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 218069
content-length: 0
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44787782&pos=AUTO_PROSE_BOTTOM_ANCHOR&vpt=DESKTOP&pvc=3124438057950018

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 575 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 72ms
29ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/575?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fandroidmtk.com%2F&ref=&_it=amazon&partner_id=575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db873cb04140a89b8115a392783072f4208dc37ad86677512454708931ef493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 09 Dec 2023 12:09:46 GMT
server: cloudflare
age: 276
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 832d2adcef6e5d3e-FRA

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 82D2 0
167 B 58ms
21ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 09 Dec 2023 12:14:22 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 125ms
125ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=androidmtk.com_auto_interstitial_desktop&e=nai&dsReferer=YW5kcm9pZG10ay5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGATW477KW1RVN2F109RRJ91
date: Sat, 09 Dec 2023 12:14:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 347432
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 832d2add3bce4d50-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 17ms
17ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=androidmtk.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=YW5kcm9pZG10ay5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGATW477KW1RVN2F109RRJ91
date: Sat, 09 Dec 2023 12:14:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 347432
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 832d2add3bd64d50-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 187 KB
53 KB 426ms
426ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124438057950018&correlator=3801977199176260&eid=31079827%2C44807690&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2Cec4fd8ea-21de-4c31-8948-0033a50a859d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Da628ae7137d91ff3%3AT%3D1702124061%3ART%3D1702124061%3AS%3DALNI_MaJj5IS2us_wWiDM5m2x5TVf3nE3w&gpic=UID%3D00000d10e34bf319%3AT%3D1702124061%3ART%3D1702124061%3AS%3DALNI_Majan1FwRaF0ejUGpeE49Ky3xSKSw&abxe=1&dt=1702124062280&lmt=1702090039&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fandroidmtk.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYp4mA9MQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRimiYD0xDFIAFICCGQSGQoKcHViY2lkLm9yZxj5iYD0xDFIAFICCGoSGAoJeWFob28uY29tGLWKgPTEMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRimiYD0xDFIAFICCGQSFwoIcnRiaG91c2UYpoqA9MQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaU1rVkliREZpVm14U09VdEtXVTFKYXpaQ1pEUm9RVDA5SW4wPRirjID0xDFIABIZCgp1aWRhcGkuY29tGKeJgPTEMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yp4qA9MQxSABSAghq&dlt=1702124061454&idt=383&prev_scp=ti%3Da0cd3a19-27a2-4678-93dc-958c8c09fa4e%26interstitials-bid%3D3%26bid-p%3Dgoogle%26bsc%3D91&adks=2270142182&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fce57382360503d42af575d27da4852d9f5592f199ade6d484aa4019d6ce1a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53801
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 89BD 4 KB
1 KB 83ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=3959209433&adf=945246212&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061671&bpp=1&bdt=217&idt=328&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1194&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 11:31:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 89BD 2 KB
903 B 52ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:43:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 89BD 24 KB
9 KB 32ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:52:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 89BD 3 KB
1 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 89BD 20 KB
9 KB 49ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89BD 202 KB
64 KB 61ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 89BD 37 KB
16 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 20:29:37 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16729386283322650712/ Frame 89BD 6 KB
6 KB 34ms
25ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16729386283322650712/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93fa1f461fbf9f80e5ff4d748550320757afe572b8e96461ed879fe36f3271cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:19:23 GMT
x-content-type-options: nosniff
age: 32099
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6293
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 15:44:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 03:19:23 GMT

GET
DATA 200
OK truncated
/ Frame 89BD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 548ms
548ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124438057950018&correlator=1798649865387687&eid=31079827%2C44807690&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=44890869%3A3933859%2Cca-pub-3831894559014614-tag%2Cf08512c5-d542-4a4a-89e0-8f07e7bc1667&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie=ID%3D982a9d4d2983a387%3AT%3D1702124061%3ART%3D1702124061%3AS%3DALNI_MZR2hAYyKdnzgpiIfEo1IdhFZ0z2Q&gpic=UID%3D00000d10e36c0d0c%3AT%3D1702124061%3ART%3D1702124061%3AS%3DALNI_MaPOXADQ0bK2x9dbSLA0y4j6abPMA&abxe=1&dt=1702124062434&lmt=1702090039&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fandroidmtk.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYp4mA9MQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRimiYD0xDFIAFICCGQSGQoKcHViY2lkLm9yZxj5iYD0xDFIAFICCGoSGAoJeWFob28uY29tGLWKgPTEMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRimiYD0xDFIAFICCGQSFwoIcnRiaG91c2UYpoqA9MQxSABSAghqEj4KBW9wZW54EixleUpwSWpvaU1rVkliREZpVm14U09VdEtXVTFKYXpaQ1pEUm9RVDA5SW4wPRirjID0xDFIABIZCgp1aWRhcGkuY29tGKeJgPTEMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yp4qA9MQxSABSAghq&dlt=1702124061454&idt=383&prev_scp=ti%3Da0cd3a19-27a2-4678-93dc-958c8c09fa4e%26interstitials-bid%3D0.1%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D91&adks=4264741604&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa4a7b3a5fea49cbeb68e1763bc7ded109abb9c1e3b86a4af074cb5998f24610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12796
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 89BD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19b521d7e53d0bd1dad875fccf744ee2c6db0eebddbd671c369b31eb55530c35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 89BD 16 KB
16 KB 50ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:55:14 GMT
x-content-type-options: nosniff
age: 58748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 19:55:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 89BD 15 KB
15 KB 53ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:59:57 GMT
x-content-type-options: nosniff
age: 62065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:59:57 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 89BD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRmLnHlp0Zc2tAYi2gAej4LrYBLL7gdN0z97Nnt4Sm-nz_QgQASCTpv0NYJWCgIC0B6AB1u_7xCrIAQmoAwHIA8sEqgTbAU_QPgGfgZjIsbYZgoTgaMJYGj0vkb25f8HKpG_ZOFPc20yc1tj...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215250530560709685238%22,%22debug_reporting%22:true,%22destination%22:%22https://zipiziper.com%22,%22event_report_window%22...

0
0

80ms
49ms

Fetch
text/css

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215250530560709685238%22,%22debug_reporting%22:true,%22destination%22:%22https://zipiziper.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211418925014%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212151765316849995345%22}&andc=true

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15250530560709685238","debug_reporting":true,"destination":"https://zipiziper.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11418925014"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"12151765316849995345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 12:14:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 12:14:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15250530560709685238","debug_reporting":true,"destination":"https://zipiziper.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11418925014"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"12151765316849995345"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame EF04 50 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 403504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:09:18 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 117ms
50ms Preflight
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 12:14:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame F468 14 KB
1 KB 27ms
22ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=90&slotname=7692023780&adk=519304273&adf=2737169300&pi=t.ma~as.7692023780&w=728&lmt=1702090039&rafmt=12&format=728x90&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061669&bpp=1&bdt=215&idt=308&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=86&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 11:42:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F468 2 KB
856 B 18ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:43:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame F468 24 KB
9 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:52:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F468 3 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F468 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F468 202 KB
64 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame F468 37 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 20:29:37 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16729386283322650712/ Frame F468 2 KB
2 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16729386283322650712/14763004658117789537?w=195&h=102&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86914a9b596f0b4e507b1c32e985a7c4f98af4131a48a31f02709c60730b114c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:24 GMT
x-content-type-options: nosniff
age: 51178
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2418
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 15:44:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 22:01:24 GMT

GET
DATA 200
OK truncated
/ Frame F468 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F468 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F468 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62eae56609e78c701d5f6a0c1bf64e1bb71bf9c1e943e90e95a2f4cd70c1a7be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EAD2 6 KB
3 KB 17ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:21 GMT
expires: Sun, 08 Dec 2024 12:14:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 19ms
18ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?gl=3.13&b=2&r=androidmtk.com_auto_interstitial_desktop&sy=6fa1e4ae-f195-461a-bde5-be44aad9b61e&ts=91&cd=2&pud=128&pus=c&pue=215&pid=46&pis=c&pie=262&ppd=132&pps=a&ppe=349&pcl=132&ttc=394&tti=1380&ttif=0&lca=349&lcak=ppe&lct=349&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=androidmtk.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=a0cd3a19-27a2-4678-93dc-958c8c09fa4e&e=lm&dsReferer=YW5kcm9pZG10ay5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGATW477KW1RVN2F109RRJ91
date: Sat, 09 Dec 2023 12:14:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 347432
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 832d2ae03f214d50-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame 277D 4 KB
655 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 11:17:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 277D 2 KB
822 B 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:43:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 277D 24 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:52:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 277D 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 277D 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 277D 202 KB
64 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 277D 37 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 20:29:37 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16729386283322650712/ Frame 277D 6 KB
6 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16729386283322650712/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93fa1f461fbf9f80e5ff4d748550320757afe572b8e96461ed879fe36f3271cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:19:23 GMT
x-content-type-options: nosniff
age: 32099
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6293
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 15:44:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 03:19:23 GMT

GET
DATA 200
OK truncated
/ Frame 277D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css2
fonts.googleapis.com/ Frame EAD2 4 KB
671 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 11:31:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 31AD 6 KB
706 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 11:32:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 31AD 2 KB
822 B 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:43:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 31AD 24 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:52:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 31AD 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D84D 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 31AD 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 31AD 0
0 57ms
21ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2sSUdMXfE_TbQzGMSNdTd7AEEyo3J3iShMm9I-VoFajF9go4N7Ktf9Vlew006T4xJbu6QFg4WETQ7YJ53pG_yU_A6JA
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31AD 202 KB
64 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 31AD 37 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 20:29:37 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame EAD2 22 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:57:47 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EAD2 205 B
229 B 25ms
25ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:28:20 GMT
x-content-type-options: nosniff
age: 81962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 13:28:20 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EAD2 604 B
628 B 27ms
27ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:41:25 GMT
x-content-type-options: nosniff
age: 88377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 11:41:25 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F468 33 KB
33 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 227551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:51 GMT

GET
DATA 200
OK truncated
/ Frame 277D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259207d6b3e4001f0a6c634615e84b15f5305b6ac282a3d65fafeb28aaa62bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 277D 16 KB
16 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:55:14 GMT
x-content-type-options: nosniff
age: 58748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 19:55:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 277D 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:59:57 GMT
x-content-type-options: nosniff
age: 62065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:59:57 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F468
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck8k0Hlp0Zbslq47H8A-p_J-IBrL7gdN0z97Nnt4Sm-nz_QgQASCTpv0NYJWCgIC0B6AB1u_7xCrIAQmoAwHIA8sEqgTdAU_Qy82JxPCIJzJbTZTjZm24iC01wOyM_JZsqrik80QpqaeYyNa...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226683540447029672372%22,%22debug_reporting%22:true,%22destination%22:%22https://zipiziper.com%22,%22event_report_window%22:...

0
0

49ms
49ms

Fetch
text/css

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226683540447029672372%22,%22debug_reporting%22:true,%22destination%22:%22https://zipiziper.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211418925014%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221294636093893819409%22}&andc=true

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6683540447029672372","debug_reporting":true,"destination":"https://zipiziper.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11418925014"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"1294636093893819409"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 12:14:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 12:14:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6683540447029672372","debug_reporting":true,"destination":"https://zipiziper.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11418925014"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"1294636093893819409"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D84D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHEoOsK-1LRAmf2ToBdv7gs&google_cver=1&google_push=AXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHEoOsK-1LRAmf2ToBdv7gs&google_cver=1&google_push=AXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg...

43 B
418 B

177ms
166ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHEoOsK-1LRAmf2ToBdv7gs&google_cver=1&google_push=AXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 832d2ae28d46923e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 131
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHEoOsK-1LRAmf2ToBdv7gs&google_cver=1&google_push=AXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSX3QQLOFrbGLdC3ZRlOhDC-0HkAAMcKKPBLtX0nylu3rQjDB9dntZrHAT76nkF693vyX02Xs5FwVoWVZswtSMSdzE6ykg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 832d2ae14c25923e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D84D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHIXgWWTGXd0OrMalMgfuzQ&google_cver=1&google_push=AXcoOmQ8Samv_N2hw1j3FASacOf2IpXI_8rCPZSSbkpJWCkl8wR2RUsTlziVdcT64qTsC9_qn6J0_ECtdha4aSYziwMtFMg...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ8Samv_N2hw1j3FASacOf2IpXI_8rCPZSSbkpJWCkl8wR2RUsTlziVdcT64qTsC9_qn6J0_ECtdha4aSYziwMtFMggl8da&google_hm=eS1nd3IuQnB0RTJwRXpETE...

170 B
232 B

25ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ8Samv_N2hw1j3FASacOf2IpXI_8rCPZSSbkpJWCkl8wR2RUsTlziVdcT64qTsC9_qn6J0_ECtdha4aSYziwMtFMggl8da&google_hm=eS1nd3IuQnB0RTJwRXpETE1YYTdSaENLZjA0REZ2M2NaUX5B

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 12:14:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ8Samv_N2hw1j3FASacOf2IpXI_8rCPZSSbkpJWCkl8wR2RUsTlziVdcT64qTsC9_qn6J0_ECtdha4aSYziwMtFMggl8da&google_hm=eS1nd3IuQnB0RTJwRXpETE1YYTdSaENLZjA0REZ2M2NaUX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D84D
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEO_K7rN3oR5BAHTqlsC5UkM&google_cver=1&google_push=AXcoOmTji6gmyuS1KpMm9Rdi6YFmAYXsf3yNfTA166kqQUxfVdLkIcK_GwfWKsTQUsZ6G6KmvFD5lR_URFakZ...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEO_K7rN3oR5BAHTqlsC5UkM&google_push=AXcoOmTji6gmyuS1KpMm9Rdi6YFmAYXsf3yNfTA166kqQUxfVdLkIcK_GwfWKsTQUsZ6G6KmvFD5lR_URFakZ...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTji6gmyuS1KpMm9Rdi6YFmAYXsf3yNfTA166kqQUxfVdLkIcK_GwfWKsTQUsZ6G6KmvFD5lR_URFakZzGrZmOy-HYFD7W7&google_hm=eUZENmNHd1lMVzJwZVl6...

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTji6gmyuS1KpMm9Rdi6YFmAYXsf3yNfTA166kqQUxfVdLkIcK_GwfWKsTQUsZ6G6KmvFD5lR_URFakZzGrZmOy-HYFD7W7&google_hm=eUZENmNHd1lMVzJwZVl6eGJlTjk=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 12:14:23 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTji6gmyuS1KpMm9Rdi6YFmAYXsf3yNfTA166kqQUxfVdLkIcK_GwfWKsTQUsZ6G6KmvFD5lR_URFakZzGrZmOy-HYFD7W7&google_hm=eUZENmNHd1lMVzJwZVl6eGJlTjk=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D84D
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEAlzGuR0JVL9-JD2yfNjniE&google_cver=1&google_push=AXcoOmQ6mUbQ7yr2QUwHoChTjw6NShOuV2TG4Y5MtjNsya9i9nHoQk7e5iuuaaQkkJLrN4Puzl7Muz28fO67eB55LJalN8PoHtmm
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1MTI1NjYyNzMxNzUyODAwMFYxMA%3d%3d&mn_hm=MzQ1MTI1NjYyNzMxNzUyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQ6mUbQ7yr2QUwHoChTjw6NShO...

170 B
329 B

27ms
26ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1MTI1NjYyNzMxNzUyODAwMFYxMA%3d%3d&mn_hm=MzQ1MTI1NjYyNzMxNzUyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQ6mUbQ7yr2QUwHoChTjw6NShOuV2TG4Y5MtjNsya9i9nHoQk7e5iuuaaQkkJLrN4Puzl7Muz28fO67eB55LJalN8PoHtmm&gdpr=&gdpr_consent=

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 12:14:22 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ1MTI1NjYyNzMxNzUyODAwMFYxMA%3d%3d&mn_hm=MzQ1MTI1NjYyNzMxNzUyODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQ6mUbQ7yr2QUwHoChTjw6NShOuV2TG4Y5MtjNsya9i9nHoQk7e5iuuaaQkkJLrN4Puzl7Muz28fO67eB55LJalN8PoHtmm&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Sat, 09 Dec 2023 12:14:22 GMT

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame D84D 42 B
233 B 289ms
91ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEEGYCiGf6QJPKZzs5qfZcJ4&google_cver=1&google_push=AXcoOmRJhqNA842t0HRqdCO0xvuCJdyVdMr8iqQev4QL2sqAnXIRTo7phcE8guKzicufKCZwwBEJRghLIsDqaNME8jwTa8sYYvwJ
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 12:14:23 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D84D
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEG30z2Rd72Lwbf19W7yMSHw&google_cver=1&google_push=AXcoOmSnPbqTq_PRZvQ4rY0dJcpkRskFo1Zxu0C0fg5vJcO4zdOctpcxBk8JaHtSPXADZK7ovffYdPlrDfU532MyflB-9ziqSnTW
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSnPbqTq_PRZvQ4rY0dJcpkRskFo1Zxu0C0fg5vJcO4zdOctpcxBk8JaHtSPXADZK7ovffYdPlrDfU532MyflB-9ziqSnTW&google_hm=81fa84b7097cb6...

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSnPbqTq_PRZvQ4rY0dJcpkRskFo1Zxu0C0fg5vJcO4zdOctpcxBk8JaHtSPXADZK7ovffYdPlrDfU532MyflB-9ziqSnTW&google_hm=81fa84b7097cb6321h7gnh00lpy0pwqh

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSnPbqTq_PRZvQ4rY0dJcpkRskFo1Zxu0C0fg5vJcO4zdOctpcxBk8JaHtSPXADZK7ovffYdPlrDfU532MyflB-9ziqSnTW&google_hm=81fa84b7097cb6321h7gnh00lpy0pwqh
date: Sat, 09 Dec 2023 12:14:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
content-type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D84D
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFiKbgu5jSRV7rlxwQ82J6E&google_cver=1&google_push=AXcoOmSqFTI563Mid...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEFiKbgu5jSRV7rlxwQ82J6E%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODY0NjkzMzc0MjMyMTk0NDc5MA%3D%3D&google_gid=CAESEFiKbgu5jSRV7rlxwQ82J6E&google_cver=1&google_push=AXcoOmSqFTI563MidYbYK9meqPbm8hzqxZ...

170 B
232 B

25ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODY0NjkzMzc0MjMyMTk0NDc5MA%3D%3D&google_gid=CAESEFiKbgu5jSRV7rlxwQ82J6E&google_cver=1&google_push=AXcoOmSqFTI563MidYbYK9meqPbm8hzqxZnas3l9Eg73eDHHSncD9qsvco54FAF0aPv8pWWPV1FNyNks143nO1cVIbXZD2NGWFBghg

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
an-x-request-uuid: 8ac904df-fd8b-4d78-84f7-dc0e0d30d98c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODY0NjkzMzc0MjMyMTk0NDc5MA%3D%3D&google_gid=CAESEFiKbgu5jSRV7rlxwQ82J6E&google_cver=1&google_push=AXcoOmSqFTI563MidYbYK9meqPbm8hzqxZnas3l9Eg73eDHHSncD9qsvco54FAF0aPv8pWWPV1FNyNks143nO1cVIbXZD2NGWFBghg
x-proxy-origin: 37.58.58.247; 37.58.58.247; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D84D 0
139 B 57ms
21ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5ce592lKAvH8MvUx5DyCbyrEw32pZJBkh6zS10M0G-9VPgG4MkyWh3PqWX7YXautQCNHRaLVi

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame E4CD 50 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 403504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:09:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 277D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGzLYHlp0ZZWfAYGIgAfSpbKgBLL7gdN0z97Nnt4Sm-nz_QgQASCTpv0NYJWCgIC0B6AB1u_7xCrIAQmoAwHIA8sEqgTbAU_QtjOW8S-MXrAKbi6AzjKCFWtflD710Gn7IKp7HE3PDEwGGcY...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211550181125895497593%22,%22debug_reporting%22:true,%22destination%22:%22https://zipiziper.com%22,%22event_report_window%22...

0
0

48ms
48ms

Fetch
text/css

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211550181125895497593%22,%22debug_reporting%22:true,%22destination%22:%22https://zipiziper.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211418925014%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215742430573798424737%22}&andc=true

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11550181125895497593","debug_reporting":true,"destination":"https://zipiziper.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11418925014"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"15742430573798424737"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 12:14:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 12:14:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11550181125895497593","debug_reporting":true,"destination":"https://zipiziper.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11418925014"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"15742430573798424737"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 63ms
62ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f2a832e7c4990cb2001fe41fd4bcaa7269c9b8baa6c138631e93fc917f8369b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12093
x-xss-protection: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
274 B 33ms
7ms Fetch
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

ac62816f48af5bc603bccf32f60c302e5e82b20f4044fbaa6550dcd0f2858ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://androidmtk.com
date: Sat, 09 Dec 2023 12:14:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame B7E5 50 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6779354300071897&output=html&h=250&slotname=7342559749&adk=2577869848&adf=2393444816&pi=t.ma~as.7342559749&w=300&lmt=1702090039&format=300x250&url=https%3A%2F%2Fandroidmtk.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702124061670&bpp=1&bdt=216&idt=324&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=704393100394&frm=20&pv=1&ga_vid=1012766198.1702124062&ga_sid=1702124062&ga_hid=1705774830&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95320885&oid=2&pvsid=3124438057950018&tmod=351382744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=326

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 403504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:09:18 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame DD3E 50 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 403504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:09:18 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 50ms
49ms Preflight
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 12:14:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 49ms
48ms Preflight
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 12:14:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 90BB 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:21 GMT
expires: Sun, 08 Dec 2024 12:14:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sda.css
live.demand.supply/css/ 4 KB
2 KB 118ms
117ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/css/sda.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGBT2QSHKRTSSRN72B94ZTRT
date: Sat, 09 Dec 2023 12:14:23 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 808643
etag: W/"505b1404b8e3597f62714f70edb3d993-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 832d2ae1dffebbbc-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 12:14:23 GMT

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
599 B 23ms
7ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

f246538ddccb3e802a628fa55967ee7a76047d04473fd29253584ec2a3b0b68b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://androidmtk.com
date: Sat, 09 Dec 2023 12:14:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4223 624 B
242 B 56ms
53ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIYrtfr7QEwAQ&v=APEucNXHxY8SgXn4Gat8un2e9QjMJXoBiWaUMQxJrUqRDZ9K_mWSakUxIKk4qLZty93EyJME8simlezyHuqcGg-UPQ8tBksjxm3GD8Tek9MkebCyJ1XBRV-J4ThG2k1N1faR9yVvvrsimNtxhivjhAsRRl30Pz8nb2-YDAUKzNRBt4aP1bxWX7BJ34EqqceUlGFJ4Rf_vUcU

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DE88 89 KB
31 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:14:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DE88 3 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DE88 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DE88 0
0 24ms
20ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHPriWCP5pGhqHprj7DKfx-8PLiqPEAvBjxm2xYfDR6nQ0xNFPzVKhiM0iuKsIv0pKchTbZ0CaaD2RRALKYrcp08RL6g
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DE88 202 KB
61 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:23:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-9
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:23:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE88 42 B
63 B 50ms
48ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CgLqoRVdV-_EvAXEs0VDgVKwyPmq2yuELrDlushEwtJ18AMFXSFxJordnEmnrF9d-fL2WuxTUTav5iVuCPWPsRgURi36Ob9R4_ckt4FfX5gHktxNE

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6760 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 45131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 23:42:12 GMT
expires: Sat, 07 Dec 2024 23:42:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C51F 829 B
1 KB 25ms
24ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

44823dd01414b7a1ac5fcaee0268c94841942084683606d9147da14bc947d9a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3W6OyLpSapZDiJyWL2406A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://androidmtk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3W6OyLpSapZDiJyWL2406A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 12:14:23 GMT
expires: Sat, 09 Dec 2023 12:14:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6760 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C51F 0
0 47ms
47ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=3124438057950018&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4223
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1&C=1

43 B
770 B

29ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIYrtfr7QEwAQ&v=APEucNXHxY8SgXn4Gat8un2e9QjMJXoBiWaUMQxJrUqRDZ9K_mWSakUxIKk4qLZty93EyJME8simlezyHuqcGg-UPQ8tBksjxm3GD8Tek9MkebCyJ1XBRV-J4ThG2k1N1faR9yVvvrsimNtxhivjhAsRRl30Pz8nb2-YDAUKzNRBt4aP1bxWX7BJ34EqqceUlGFJ4Rf_vUcU
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVT7nt%2Fhb7HduWK5SSkxcjxsUrrKKchUsCUMLo4Vg48dvegkj5UqqumdX0NojeLJZpX6mGUN%2B3hm8w20bGXqdKW%2B2VURbbI9tWilhF7xC8s0yvvJQ7qRuBDl59W0k2BuUIGnPEs62%2BkNxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832d2ae35b349be0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FE0wooBhwQpL%2FbILmL3%2FmZeBTenSkGAVbAcym%2BLFKdr6bRyQg83GubemuSL8hyZQW0fnSHHpcxAVUSaDb%2F3Q7tmYfok7zki%2FLrQScqraSA%2BwmqsmiQMdxujxmE0%2F0I9ORuJmLv50bF9qw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1&C=1
cache-control: no-cache
cf-ray: 832d2ae33dc92bca-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4223
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXRaH--ipZfZrQwBl8D3pAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1

43 B
737 B

56ms
56ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIYrtfr7QEwAQ&v=APEucNXHxY8SgXn4Gat8un2e9QjMJXoBiWaUMQxJrUqRDZ9K_mWSakUxIKk4qLZty93EyJME8simlezyHuqcGg-UPQ8tBksjxm3GD8Tek9MkebCyJ1XBRV-J4ThG2k1N1faR9yVvvrsimNtxhivjhAsRRl30Pz8nb2-YDAUKzNRBt4aP1bxWX7BJ34EqqceUlGFJ4Rf_vUcU
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbAKestU9AOplcGHn1dWLbNu3RunoXdNEmryY%2BSNwJs4k1Zuin%2B7VY54wO5%2FQ4vmIAes7KMWKQ7paIB2WcDKSkZnzkPKoFT6RHA5OyJkSV%2FCwrRGPECSDXSEhW2aMCCokBCUWHHtq0uF%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832d2ae3ab899be0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECH3OM9xdJqmD7WbUxJ5HpE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4223
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDtoSswtpPTrfH4eTmGNSHc&google_cver=1

43 B
839 B

44ms
44ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDtoSswtpPTrfH4eTmGNSHc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQ9dfyxgIYrtfr7QEwAQ&v=APEucNXHxY8SgXn4Gat8un2e9QjMJXoBiWaUMQxJrUqRDZ9K_mWSakUxIKk4qLZty93EyJME8simlezyHuqcGg-UPQ8tBksjxm3GD8Tek9MkebCyJ1XBRV-J4ThG2k1N1faR9yVvvrsimNtxhivjhAsRRl30Pz8nb2-YDAUKzNRBt4aP1bxWX7BJ34EqqceUlGFJ4Rf_vUcU

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
an-x-request-uuid: 966c2adc-e300-4cb2-a9a3-e4b511cb54dd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.247; 37.58.58.247; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDtoSswtpPTrfH4eTmGNSHc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4223
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY0NjkzMzc0MjMyMTk0NDc5MA%3D%3D

170 B
188 B

25ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY0NjkzMzc0MjMyMTk0NDc5MA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
an-x-request-uuid: 3ab02fd7-61a1-483f-9618-2cd538ecb30c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY0NjkzMzc0MjMyMTk0NDc5MA%3D%3D
x-proxy-origin: 37.58.58.247; 37.58.58.247; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE88 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7385620211134&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE88 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7385620211134&version=m202309260101&ct=76&x=1&cor=11916805575705730000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DE88 111 KB
42 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzVG5n6j9k14OWWQ7qvWMxnYbm_f8Ez2rintU2-bEb_-zBvtsTwVK98HAIiPHnxuSeg7svE6BFcTOBkDibyBQVYW6DaHdpgGU8kaG7zDt3FbirwbU7_xhqGB9KFKc4fXEwEkMHIN7V5NkgzQAhFMedpsBZQR8wnjipYw7u-xev4DufEW0&dbm_d=AKAmf-DOP6Jq-jAfvsnvs4RMNZIk_khkJF-K6pQOVly9jNNIiPRY1-pv0VxI_gm_7t-RJbM88iPFAE-cEYXMx65a2zaPSWVdl95az3J6V5Z7t8X9olR-gzsL7MCEIQ6absjAqhNptfHP9VGEr1emiZ5VKIcYSyENrspn_ghHKDTQfvdCo_YywE56eezSpznvP7oW2hAaujWkHvqkGvG_s-88_k4pkeT_2IERYDwk6CXexl2FdbbAKH41P-c_-TbDcSMCqeChwEYLQpiWG_yoZM6w0JHucYOqhWI3_YHAsfuiCEHoRNS9C8mKvbtor7z0V-6bwzHJH1IvRAitqdXKmTXhZDxA1dx-2svR8czScOc8S6yd7Jtmv7VZUlc4GFm7LzgCFwIdAiWvdYOJRStFiPHeCV7Grc0x0Op4Sfi2KGoLEE5nnsQPYjlqUid2Touie1aqk3m0J2sFR8qY5TPUjFEDDnuhKUftztdQHOi9WILAwHQYxTiyY63JRFTt01UzQr8apqPJKn2mkDiN9z9uQkTkRIaECMnUe-A3RhSBD03tgP8lgBH5V---PhA62-AT0UvNr1tt5eBzV5BncyUNg7k2_nyMlCIh2VOcKV-Q7XD6RLsMfh8mpRMdVypuZE40imSugULBKhDJbHgsBiwM6gj-olxI-dQ04ZKoy_bCJvLNo6GhVROW8EJ1GvgBbCSsv1QImdxtyKErsWXiEh7OndgmlIP0EK7uRL0RNRcupV7oDT_rD01lviis5gnCuQnSMVrk2DJFLFrv3b-RQkpIj3Ms-iUWE4YAZre8vA9sI2BNUtoPcHghKphe3mDDSai8bL19GtwplTTauUdRJ1l3gKWU0zY6ylRitX6x6MGrz2sGQ4sfRDZJUr1ZFV_SlCCgUV4EX9fXDta0Efr_5qOrhfyLGiZkAtOwhXY3yvkFh8nRQh2cOTJ0GGZCrkjxjvrgIlZjlV4w4DUS0sjf9H0u12eZ247_bS4CKkKaq1W1dujjxXPUu6uCNmXKmw6OEqcnCdiC91EvJpVJJxoU0qJnwEAIyXEYQQJLvFvnVzxq7bupdqu8ae80W3lSjMWrH7jcLi0KbRElx_VTyZOr63-Rg4HuUev3BdkYX2pcD58FQJHHpZiQQCO0DM610Yg9aV_sGH_tXaPZ8_b8PamVHy42kT8Ir41b6YEtbkv3bKO9f19iuga1qccqZtoKUyBlqFHOw3NcZWtfmCn3NkLdiYIOANW-9I0RFOL4Sq5Lfi-t2ois9qochPzlgWXLe8-hxXzVqCQjLrDS3J57wZ_03EgFw_EBg3q1REny6YHuEsObi1HNAxvHMWIc_CTCiIprqWlIGUX5iSPk9TiB3sxdfGHBf-Rkqmg5Jq5S2h5mgAhLSdOHS09rdg2PMftaye-pNz3Em7B9bENIJq8FuN6Ulca2lYZC3MR-SsFJoKyRJC7GpEoL1cX3ijyk7eP2UlyMuRuZxAtWuutjkFDucz8iJVK-nZf8LICH6UtoBBaAnmIx9nzjFhgbHQgDY0M6o6uuYuWtwPcpEcl4oLm3LtUHcUIDfuWrERdqaSaIzW2qMG-rUz4mke9lYbpzAhOMi69KQo3vFMx4nVeaQ9RRlZOZOrWveL5XB1q5ih0zCLTAgTpFzNfTjr38qRYSjvqtqDxOVZMAGoPJ6f8TVXfcr1COHhNwOd9dWcABcP_pAO4mlODLWKnwA0OY4HBK3kE49-N4PmxDMCZmsi9000inCxCpSp0KmvgqX7wAajy11tfCpXB-WCKPxEd1vRqrAn60MS4_7p0FKyL-yPdZOwn5Yc0AlPs3bTKvhnuGj1CubVVGXAZhTBvPDdNxmMXkPNtya9XyekX_cWcbYmzkdFbBDmyqZNPtVa94LlmQkx0Mw9-M3wNk25chMeBTvA8izYfW_PXPCKf-IvOK5lAgiZsKt8jXrF4y2Jc3iJ3l78D9DDzZxqBiNr4CcMulcxvNtaPy_PFPOb-16QQraaxIKKjzyTKyxC54YY64XMEtph-8ItD_f814TdA1EZJGNxkvhuBpUqdgE08-ho2D3y-52dMCAQL8xEKGncsV8UUOaF7N7FXsMZVnCCpS24kX-QUsKTI_OF7EH2SryFe_K3KL6kdjNKmL38eVOV1nKkVhCY1IkKGWJ4Io70Xx36s-wrnHc48F6_DD4XH9l7Zgd14UABTjh_s1f-2V8NO3si0tjs074Fq6P-tEGNkBPBqrb71Ekan4fhGu9n0qxWQ8UZuOeSaAt0CZ0LwVCVGwUOZYgK1tESQFFaNzi0rvbOXHvZJ8z2lAQ2_63CQjGSiy0raCxpd_QraP7WRlvjQshYl7nFTTSRpSQexzxF7iNyKXuZXWomVwpsfwEy4TTxKhgg7L5Sk6zAvmfPgM9UgyTFsaMD2RUj3B4UqeN0puvpms89yiQ2j8db8xdbJraX6E-XUFINZTQcp_2hYMt7vpt1tkKYr3m5bGcwfbvnCO0ga2vdFzWjANPT_IzsYjutHUH268fEG2kmzvkNKq2lmlUgGhoxOobhiBNuLVsUMXx4cDc7gSeL5EL3VAuIYlXziPrcCMjpldUJnKEo-GcICRtYW07EP2AV4pEtqLi_HwA7mg1P6uZ-GC2lz9yUdquSeG6hXPM08z6NZmN2JHw4OgSKaMmVJ7JzR_Eu3knrPpZEiPZAGsVz6M3iAkyRL57k9y277rFZBBCmJvINbUQKN5lohe1rHAZOu1V7S6RVAQV7hl3U0pSePUHc3T1fi2BEfTAk80swvzAvLwh9v7Ghd6LbdlwtU2CPrBAV-kmaKH8mGOzBYv8jssKndhLfyTci3SKs3PKpp9N4AzX581fGy6uxbsCupNZ4KswP_27N5F7YLZAsiZ4Nk6upeKahjzzRLSV-ym5TpLjiEPNGyY0DZcU0cRsSIMBToYqajZkZ0TlD5jR3DSTPA5W2InCvmhdqNFlCG_nIujzxSkryUfmo2Z54CK1hDMTLtTnEWiibWq5xLSuTEIwpmsUM5QlaFE5V-t1oRrSbnVJrqM3kVmKs4bSiRO1hiO-KhJ6BxbjoF8nwfcExt4mBHR7GZIZLbAiD1VoFqQhb1g9bdvZiQv2X0G80aRyrYqgdLHpXG7jJNg15nRvAOv_SRRQvQjQzt5WJ965TigPTaxV4ue0YVNRzjijM-AETAtxYjYhYUJR-1BDypg8pzGk7VeK_0njdacP-pVEtUdx7oFVXfcuTqubibAuN1Z775EWjv8-qaxMtuTNvaoUPWU0wJmTaE_CEYI34ukBMUt6apSiItI7cS9S3elnn4KTLL1LAS7z1dzAAs-Bcm_Fj2s8O5uSquXbwoAOrApwtpH7zWARydu2VPIsh_37Wzknw4Ll5nMLtKnM2_A9cXDgrjyfjpLiAPCQE1QaE78xlxIFQNr5EuKm81EfXnAqqmnqXLgkvcchOwtVxZeKFt7F6dQZzyXvHcFKvLzKUvmnXfG2mePqrjR1E-fw8G9Wffd5KvwVjR42QMljvZWva82a2pEEnkFS263fLFqTpjtLmMiKBv51hzVGkxySf7r3xITZPTquPfUzDA3O13PJeNabTv57XBxeEFKbBa5qWPUagayxR1xGwZN10zfIErW_M2w7UB8fKUbHugxWnXjgurceqW8Pnw56ZMP2e3q9LlVRoZvKf4bOaRV9jaHvabk8wgLrpqyI5iq0yaOvGUOjti0ltE6CF1XnxfhxHK9p1e76ciNEjqEIddW66KfFUAqNOR8TY4s7xnURWBfrBAYMz0lShSSJVpfPcKzYwNctk84DaiyHV_ttVkSCAtjzdxiefTCswi_lP6PiDmaxRMwvLuAkcS2vCJH36V_j0fVoGTmygWeX3vYe0tF8HT7ak-xcmO-X3mU6g&cid=CAQSPADICaaNrGOJyJ6lDWJGKsimKfXTQMyBQPb-SHrvDMOr5OQmnHHFqyvs6n7W3m9tVie1u5hNtkwwZySMChgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fandroidmtk.com%2F&ds=l&xdt=1&iif=1&cor=11916805575705730000&adk=2988274606&idt=74&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bab9a6a97bed8bc6408476e278ee40c487e5cd077175de044809d6730b9a1a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42477
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6760 0
10 B 12ms
12ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AWlaGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1520186/71964881/ Frame DE88 46 KB
12 KB 112ms
34ms Script
application/javascript 52.209.195.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1520186/71964881/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20287343715&bidurl=https://androidmtk.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gGw-g-PYKomRSreE1RmkfC
Requested by: Host: androidmtk.com
URL: https://androidmtk.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.195.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-195-170.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1a4d3e21879c4a141048e99f02918e540934bb8fe5163bce79c01631520a63a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DE88 111 KB
39 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
Origin: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 06:30:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame DE88 11 KB
4 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CzVG5n6j9k14OWWQ7qvWMxnYbm_f8Ez2rintU2-bEb_-zBvtsTwVK98HAIiPHnxuSeg7svE6BFcTOBkDibyBQVYW6DaHdpgGU8kaG7zDt3FbirwbU7_xhqGB9KFKc4fXEwEkMHIN7V5NkgzQAhFMedpsBZQR8wnjipYw7u-xev4DufEW0&dbm_d=AKAmf-DOP6Jq-jAfvsnvs4RMNZIk_khkJF-K6pQOVly9jNNIiPRY1-pv0VxI_gm_7t-RJbM88iPFAE-cEYXMx65a2zaPSWVdl95az3J6V5Z7t8X9olR-gzsL7MCEIQ6absjAqhNptfHP9VGEr1emiZ5VKIcYSyENrspn_ghHKDTQfvdCo_YywE56eezSpznvP7oW2hAaujWkHvqkGvG_s-88_k4pkeT_2IERYDwk6CXexl2FdbbAKH41P-c_-TbDcSMCqeChwEYLQpiWG_yoZM6w0JHucYOqhWI3_YHAsfuiCEHoRNS9C8mKvbtor7z0V-6bwzHJH1IvRAitqdXKmTXhZDxA1dx-2svR8czScOc8S6yd7Jtmv7VZUlc4GFm7LzgCFwIdAiWvdYOJRStFiPHeCV7Grc0x0Op4Sfi2KGoLEE5nnsQPYjlqUid2Touie1aqk3m0J2sFR8qY5TPUjFEDDnuhKUftztdQHOi9WILAwHQYxTiyY63JRFTt01UzQr8apqPJKn2mkDiN9z9uQkTkRIaECMnUe-A3RhSBD03tgP8lgBH5V---PhA62-AT0UvNr1tt5eBzV5BncyUNg7k2_nyMlCIh2VOcKV-Q7XD6RLsMfh8mpRMdVypuZE40imSugULBKhDJbHgsBiwM6gj-olxI-dQ04ZKoy_bCJvLNo6GhVROW8EJ1GvgBbCSsv1QImdxtyKErsWXiEh7OndgmlIP0EK7uRL0RNRcupV7oDT_rD01lviis5gnCuQnSMVrk2DJFLFrv3b-RQkpIj3Ms-iUWE4YAZre8vA9sI2BNUtoPcHghKphe3mDDSai8bL19GtwplTTauUdRJ1l3gKWU0zY6ylRitX6x6MGrz2sGQ4sfRDZJUr1ZFV_SlCCgUV4EX9fXDta0Efr_5qOrhfyLGiZkAtOwhXY3yvkFh8nRQh2cOTJ0GGZCrkjxjvrgIlZjlV4w4DUS0sjf9H0u12eZ247_bS4CKkKaq1W1dujjxXPUu6uCNmXKmw6OEqcnCdiC91EvJpVJJxoU0qJnwEAIyXEYQQJLvFvnVzxq7bupdqu8ae80W3lSjMWrH7jcLi0KbRElx_VTyZOr63-Rg4HuUev3BdkYX2pcD58FQJHHpZiQQCO0DM610Yg9aV_sGH_tXaPZ8_b8PamVHy42kT8Ir41b6YEtbkv3bKO9f19iuga1qccqZtoKUyBlqFHOw3NcZWtfmCn3NkLdiYIOANW-9I0RFOL4Sq5Lfi-t2ois9qochPzlgWXLe8-hxXzVqCQjLrDS3J57wZ_03EgFw_EBg3q1REny6YHuEsObi1HNAxvHMWIc_CTCiIprqWlIGUX5iSPk9TiB3sxdfGHBf-Rkqmg5Jq5S2h5mgAhLSdOHS09rdg2PMftaye-pNz3Em7B9bENIJq8FuN6Ulca2lYZC3MR-SsFJoKyRJC7GpEoL1cX3ijyk7eP2UlyMuRuZxAtWuutjkFDucz8iJVK-nZf8LICH6UtoBBaAnmIx9nzjFhgbHQgDY0M6o6uuYuWtwPcpEcl4oLm3LtUHcUIDfuWrERdqaSaIzW2qMG-rUz4mke9lYbpzAhOMi69KQo3vFMx4nVeaQ9RRlZOZOrWveL5XB1q5ih0zCLTAgTpFzNfTjr38qRYSjvqtqDxOVZMAGoPJ6f8TVXfcr1COHhNwOd9dWcABcP_pAO4mlODLWKnwA0OY4HBK3kE49-N4PmxDMCZmsi9000inCxCpSp0KmvgqX7wAajy11tfCpXB-WCKPxEd1vRqrAn60MS4_7p0FKyL-yPdZOwn5Yc0AlPs3bTKvhnuGj1CubVVGXAZhTBvPDdNxmMXkPNtya9XyekX_cWcbYmzkdFbBDmyqZNPtVa94LlmQkx0Mw9-M3wNk25chMeBTvA8izYfW_PXPCKf-IvOK5lAgiZsKt8jXrF4y2Jc3iJ3l78D9DDzZxqBiNr4CcMulcxvNtaPy_PFPOb-16QQraaxIKKjzyTKyxC54YY64XMEtph-8ItD_f814TdA1EZJGNxkvhuBpUqdgE08-ho2D3y-52dMCAQL8xEKGncsV8UUOaF7N7FXsMZVnCCpS24kX-QUsKTI_OF7EH2SryFe_K3KL6kdjNKmL38eVOV1nKkVhCY1IkKGWJ4Io70Xx36s-wrnHc48F6_DD4XH9l7Zgd14UABTjh_s1f-2V8NO3si0tjs074Fq6P-tEGNkBPBqrb71Ekan4fhGu9n0qxWQ8UZuOeSaAt0CZ0LwVCVGwUOZYgK1tESQFFaNzi0rvbOXHvZJ8z2lAQ2_63CQjGSiy0raCxpd_QraP7WRlvjQshYl7nFTTSRpSQexzxF7iNyKXuZXWomVwpsfwEy4TTxKhgg7L5Sk6zAvmfPgM9UgyTFsaMD2RUj3B4UqeN0puvpms89yiQ2j8db8xdbJraX6E-XUFINZTQcp_2hYMt7vpt1tkKYr3m5bGcwfbvnCO0ga2vdFzWjANPT_IzsYjutHUH268fEG2kmzvkNKq2lmlUgGhoxOobhiBNuLVsUMXx4cDc7gSeL5EL3VAuIYlXziPrcCMjpldUJnKEo-GcICRtYW07EP2AV4pEtqLi_HwA7mg1P6uZ-GC2lz9yUdquSeG6hXPM08z6NZmN2JHw4OgSKaMmVJ7JzR_Eu3knrPpZEiPZAGsVz6M3iAkyRL57k9y277rFZBBCmJvINbUQKN5lohe1rHAZOu1V7S6RVAQV7hl3U0pSePUHc3T1fi2BEfTAk80swvzAvLwh9v7Ghd6LbdlwtU2CPrBAV-kmaKH8mGOzBYv8jssKndhLfyTci3SKs3PKpp9N4AzX581fGy6uxbsCupNZ4KswP_27N5F7YLZAsiZ4Nk6upeKahjzzRLSV-ym5TpLjiEPNGyY0DZcU0cRsSIMBToYqajZkZ0TlD5jR3DSTPA5W2InCvmhdqNFlCG_nIujzxSkryUfmo2Z54CK1hDMTLtTnEWiibWq5xLSuTEIwpmsUM5QlaFE5V-t1oRrSbnVJrqM3kVmKs4bSiRO1hiO-KhJ6BxbjoF8nwfcExt4mBHR7GZIZLbAiD1VoFqQhb1g9bdvZiQv2X0G80aRyrYqgdLHpXG7jJNg15nRvAOv_SRRQvQjQzt5WJ965TigPTaxV4ue0YVNRzjijM-AETAtxYjYhYUJR-1BDypg8pzGk7VeK_0njdacP-pVEtUdx7oFVXfcuTqubibAuN1Z775EWjv8-qaxMtuTNvaoUPWU0wJmTaE_CEYI34ukBMUt6apSiItI7cS9S3elnn4KTLL1LAS7z1dzAAs-Bcm_Fj2s8O5uSquXbwoAOrApwtpH7zWARydu2VPIsh_37Wzknw4Ll5nMLtKnM2_A9cXDgrjyfjpLiAPCQE1QaE78xlxIFQNr5EuKm81EfXnAqqmnqXLgkvcchOwtVxZeKFt7F6dQZzyXvHcFKvLzKUvmnXfG2mePqrjR1E-fw8G9Wffd5KvwVjR42QMljvZWva82a2pEEnkFS263fLFqTpjtLmMiKBv51hzVGkxySf7r3xITZPTquPfUzDA3O13PJeNabTv57XBxeEFKbBa5qWPUagayxR1xGwZN10zfIErW_M2w7UB8fKUbHugxWnXjgurceqW8Pnw56ZMP2e3q9LlVRoZvKf4bOaRV9jaHvabk8wgLrpqyI5iq0yaOvGUOjti0ltE6CF1XnxfhxHK9p1e76ciNEjqEIddW66KfFUAqNOR8TY4s7xnURWBfrBAYMz0lShSSJVpfPcKzYwNctk84DaiyHV_ttVkSCAtjzdxiefTCswi_lP6PiDmaxRMwvLuAkcS2vCJH36V_j0fVoGTmygWeX3vYe0tF8HT7ak-xcmO-X3mU6g&cid=CAQSPADICaaNrGOJyJ6lDWJGKsimKfXTQMyBQPb-SHrvDMOr5OQmnHHFqyvs6n7W3m9tVie1u5hNtkwwZySMChgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fandroidmtk.com%2F&ds=l&xdt=1&iif=1&cor=11916805575705730000&adk=2988274606&idt=74&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 14:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 14:00:57 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame DE88 31 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:11:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DE88 41 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A461 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DE88 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dd933d7949b64871c962451cfb013daa86639d5f470e9d3c7e0859ddb7ecf06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A461
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHOSwrxADgP_wW1JcRIiNQ8&google_cver=1&google_push=AXcoOmQivfVfSr8mcy8OSFdUV9cLDpM0L38DEyhR_26Jzsu_qhlKxoDXDP84Vj0-XrQ6VhYxydUEoe6dNzva1JR3xT4om42sXsc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Njk4NjIxMTI4NjkwNzcwNDM0Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHOSwrxADgP_wW1JcRIiNQ8&google_cver=1

43 B
398 B

56ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHOSwrxADgP_wW1JcRIiNQ8&google_cver=1
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHOSwrxADgP_wW1JcRIiNQ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A461
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFNIu6HtGqolh7jiGgQXJos&google_cver=1&google_push=AXcoOmQGE-7R-E6efyecJhihEsRB_peS2sANcRICiWYdSvLeV3tx7zaE9biA5q1usYRGcM8X2C7IvxeIbWR-uv1QHo6WYi0...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFNIu6HtGqolh7jiGgQXJos&google_cver=1&google_push=AXcoOmQGE-7R-E6efyecJhihEsRB_peS2sANcRICiWYdSvLeV3tx7zaE9biA5q1usYRGcM8X2C7IvxeIbWR-uv1QHo6WY...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQGE-7R-E6efyecJhihEsRB_peS2sANcRICiWYdSvLeV3tx7zaE9biA5q1usYRGcM8X2C7IvxeIbWR-uv1QHo6WYi0xNP1t

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQGE-7R-E6efyecJhihEsRB_peS2sANcRICiWYdSvLeV3tx7zaE9biA5q1usYRGcM8X2C7IvxeIbWR-uv1QHo6WYi0xNP1t

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQGE-7R-E6efyecJhihEsRB_peS2sANcRICiWYdSvLeV3tx7zaE9biA5q1usYRGcM8X2C7IvxeIbWR-uv1QHo6WYi0xNP1t
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A461
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRglb...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-ZFQ99OTFu-_x5GfDLISfpQWKPph0yO1pFgzDYg&google_push=AXcoOmRglbyw1ZX6xl_N6mzMr1VC2-_7o7-L5R5VZSIOorh0xVWzL5jb1-nRdCdACFnPf5E019CTWceXq_99...

170 B
188 B

23ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-ZFQ99OTFu-_x5GfDLISfpQWKPph0yO1pFgzDYg&google_push=AXcoOmRglbyw1ZX6xl_N6mzMr1VC2-_7o7-L5R5VZSIOorh0xVWzL5jb1-nRdCdACFnPf5E019CTWceXq_99mwIt6gOihqgBvts-

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-ZFQ99OTFu-_x5GfDLISfpQWKPph0yO1pFgzDYg&google_push=AXcoOmRglbyw1ZX6xl_N6mzMr1VC2-_7o7-L5R5VZSIOorh0xVWzL5jb1-nRdCdACFnPf5E019CTWceXq_99mwIt6gOihqgBvts-
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1136880
content-length: 0
expires: Sat, 09 Dec 2023 00:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame A461 42 B
233 B 272ms
88ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIBHKDEkT08Nkmusvh7Ya8w&google_cver=1&google_push=AXcoOmS_VRb12rgVh_s924QL0KoRTIMk3Co8wHRPr3xO0iZWE4ZxWL4-h9tn2uMf9pJyZdg8x75j9Q6NehwPzX8kUJtT0b4etkH7
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 12:14:23 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame A461 0
35 B 45ms
9ms Image
text/plain 54.93.159.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEIlNOWNqH-_Buxm4W55EbFA&google_cver=1&google_push=AXcoOmTlNpnP5-0GQPoKbbaws-Ur8UlShOHRh8NH6L6CONOr83eqU6QxBVTKqKV7mqcdytFp-FULLCujOKqkpSMU3THZ6xrP8ioxUw
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.159.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-159-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame A461
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEH0uaev0TqyEJTaiNUt_X-s?ext-param=AXcoOmRvo-uIDL1OLodZU_4f7RJ95HkL3aIrDMJIlc2sxTHb0DoaTTdoR23wu9MNnjjI7cImslwOL0NFpFw-kp_YIct8ivvk6wLjmg&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEH0uaev0TqyEJTaiNUt_X-s?redir-setuniq=1&ext-param=AXcoOmRvo-uIDL1OLodZU_4f7RJ95HkL3aIrDMJIlc2sxTHb0DoaTTdoR23wu9MNnjjI7cImslwOL0NFpFw-kp_YIct8ivvk6wLjmg&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEH0uaev0TqyEJTaiNUt_X-s&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

62ms
61ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 23 Nov 2024 12:14:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame A461 43 B
146 B 25ms
8ms Image
image/gif 35.157.229.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJHYUX3OZTszS8KqMtK2w6o&google_cver=1&google_push=AXcoOmQM_ZsMkXq6qeEoynfPQ9KmiiMfR48CF-Lf9uOD67Y__N8MnxgDUcKVy4laZPSO_0vHVtl6OU3yg4K_9QwQS_-SgtPQegleFA
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.229.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-229-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A461 0
12 B 22ms
22ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0saafNHol_xw1qdmWzdJeiujtiFTqAXZUf3Ocvw_sfZ6GAw655i8arbROmFhY8dry9yipKNjh

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B9F4 38 KB
13 KB 13ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

firstevent Show response
jpmcbankna.demdex.net/ Frame DE88
Redirect Chain

https://jpmcbankna.demdex.net/event?d_event=imp&d_src=441384&d_site=8504253&d_creative=193268044&d_placement=368994727&d_campaign=30127422&d_bust=2881121225
https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193268044&d_placement=368994727&d_campaign=30127422&d_bust=2881121225

42 B
727 B

37ms
37ms

Script
image/gif

63.34.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193268044&d_placement=368994727&d_campaign=30127422&d_bust=2881121225

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

63.34.88.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-88-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-031c8e95e.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: n/r4qLl7SEM=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-072f93fba.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 2bzWOvYISv8=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193268044&d_placement=368994727&d_campaign=30127422&d_bust=2881121225
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/ Frame 3772 9 KB
3 KB 45ms
15ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2849e4fb1711147379c4373a2a59e9f8263a70c6aec292125b3a9588dee825cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 23369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3075
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:44:54 GMT
expires: Sun, 08 Dec 2024 05:44:54 GMT
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DE88 0
0 98ms
59ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxScFH2DFiddA3092JXWvX8_LWcM2lht5dbVuNhWlu4Vk0gDhw2UyC58Xjhfah0xqjk8zzDCSK2MMSHnnhYl1UjJa_IaBtep0F2wkj5E9wno9r-knkJSQ6pDviMWWAF8NtHsVPLSTLAW8e2ER-KE4dIAQSvWBoSXyFqnFK9OH8bR8U7aN6VYExUHMTmdCt8tO05dqoA8CsIB8CI3ccLjVGD-Yos3UqnfDeRnQw-i7E8f8rOI-L26XFpjdrQTqMXTMdXCfHCwSpDuszKGqQfU4bZ2ScXSBsFhTt9O0tRD4fkD4qPvvHYGMU7WwgSBF0st0fzYWmSuIP2ZHfIHz54TVmdKMq4IxbVGlc6sNGIYRyZygJK09Lb8y_DYEtDvl-jXTkC7A0WKetMHByiC7xrfrE06oH1FXqkCJUw1f15ALdDbXn7R0FC4UZb34ZEdffEcIG6aZs-GGIHm1Jaz0XAfvMoStRds1PhanZx0eiPEJwIscUjdTcSJAD-sD9Sr2zULcDQF3BLwy7JAQDHD5QKts_SETjK9_qGeYOlbJN8R2gr02fXohnavjx652Yl0PVjJbK2oORBtYaQHX1JrCewbJxiysX5lj8QQppw5re4xO7tpy0IzjJbu1eTWvE8SVFDCPcgqSnV5oSMEQtAC051xjWFmdBj0PlQSTGmSG9bnQquelPSw84wMBprdzP9U-KlepUfebHL2QkGoUoasxAWR_yKQtTCTv5K4r7G444sKi65b2gca3aNRYgJ5W_KbWGPL_LlxGT-I0J0HhT3AHeqoLhI2UcknXP0Za_Qr6vPFx-IYuzGLxWyWwa2wBNsGAxeDCgJFTUF6lNxSiLHnuheNsbBmeXXjs86MD_Rfbqm5GQ47WHfOsY7WO3xun6RGM93bQSzmNRRpJHfPj3NkryOQyrF94YWvpctNzKwzPNLDKZ3Xz0qfRnQBMGXM1O0qdxnHzi2NM206dMaQjl-68lIR--5k2hH4YEidpwJnmansUmdBSsvNr1XEKikd1kbhNcDfbAA_BP1rHx__wyp0Gbgm89jgFuOuzHIBAAgTVU8RgYxEKP5TGRyM-EkUkPuKrHoHmvNalLZYNwnMHgaosQlUTupcOvqEr4ct3uxwzbBueE2JSzf5sEsPwGWVWUXzoXsRswucKd4zqUBgiy8ZNQyoqwkh9k6mbWrwi4FKvsU7IupVmhu8n9Rc-YOAVOwVDei8bPqzMzRYeu0IrPhaDbq6oDfjbXoCZeLkA70ax9mQnUzw0SEI-Vqn8-mbqJPd2FqWdjEy_kdrRMbfw1w77q8tLI1-GNpWqCOfLkN_CXDF-aWoQUkDHJT3F-VqxKOWY-vT9yIGWS84ErNuR1CUKXuHGfCMC4ea77SCJiUTJA0y7QSNqjjWzUnFJEIwqoMdAP3Tr9wHFkDu-jaXgHXYZCAXWNaXgk5kqjfj8Az4rvTfdjNuqnUYLLy6mo&sai=AMfl-YTFRtM5ro2TpKYErZv54ExBjikyTxiRi0L5ICZaeTfDwLhWdB0ftiCiuGCRKuRT80UQWee1q9bl45VjuizCyRfHTpuVLxjV0biBEdih4-MvKvIyoQ8Fq5s3iusxACFE3PiZkw0WrqEoPSMF84LpkGSwJ5ydpFVwNtzP5dMLJyFGxcVF1uu89hI0L3pjl19F3m7WAGheitbzQhAXxsNuZgmANLrm3SKs7kuv8sQvvMcfus-cTHlOSPDSL6jS5unipuHva24&sig=Cg0ArKJSzCQNzeOWmL9FEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=102&cbvp=1&cstd=100&cisv=r20231206.94473&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B9F4 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H2 200 main.19.8.464.js Show response
static.adsafeprotected.com/ Frame DE88 213 KB
66 KB 89ms
24ms Script
application/javascript 2600:9000:2127:ba00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.464.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1520186/71964881/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20287343715&bidurl=https://androidmtk.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gGw-g-PYKomRSreE1RmkfC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:14:56 GMT
x-amz-version-id: UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding: gzip
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 143968
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Dec 2023 18:46:00 GMT
server: AmazonS3
etag: W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: xNiPQR-rsNeuowgLB3M63JGM21QPNVzkzRVoMUnhktpAktmpg3L46Q==

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/css/ Frame 3772 2 KB
712 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ec144c2784e505a6998ac7bc3e6c43c0978b5a777065d24a58ebf14285db43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 683
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:05:12 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame 3772 87 KB
31 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:15:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:15:51 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 3772 64 KB
23 KB 36ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2451666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23292
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-5afc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjRRFTdpF%2Ba3q8gVNFCXdVGdi8%2B7PVJUmCejPpG0j47ERsoU7x08dy3GY1sVoTBs50j4yTLtiKv9yUUQM9XURSwMhEmSnpDWbTAUwnF1AuBea%2F0NI3v16auzsQQjwYHKLWDyBvWG8qYLaXGhdoUQbtDA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 832d2ae4b8ee048b-FRA
expires: Thu, 28 Nov 2024 12:14:23 GMT

GET
H3 200 text-1-a.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 8 KB
2 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/text-1-a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b07ec8dcb86cc9098abaa4ebd584f223c366002428e034401631dee8cc497c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1765
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 09:04:32 GMT

GET
H3 200 text-1-b.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 6 KB
1 KB 16ms
16ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/text-1-b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3920625e348d5be5c12e3fffdfcad00356707708e68a57fdc5801ea004a23635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1287
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 09:56:59 GMT

GET
H3 200 text-2-a.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 7 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/text-2-a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dbd5286f7727001e0fcddcfde268ff7a81dfe74a67bd09b2887ccd3c10a4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23369
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1512
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 05:44:54 GMT

GET
H3 200 text-2-b.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 8 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/text-2-b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05a765e98d1bc5f151471c2052822ec56f5ad0fb3dca16c1dc9bcc8d27e7f152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1829
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:05:12 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 7 KB
3 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86d48a5aa826b41407e603ca336ab43200607642fbe4918454a800ae2938efcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2671
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 19:18:25 GMT

GET
H3 200 logo2.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 5 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84ddbba199320b818a824527ffaf1066934f62bf181d0918f98f35412a2186b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2003
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 19:18:25 GMT

GET
H3 200 mc.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 7 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/mc.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a33fe8ff7872098b135e75197ae2802839699d34036a478d60a7c500e8498126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1724
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:07:16 GMT

GET
H3 200 risk.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 5 KB
2 KB 14ms
14ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/risk.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

583658c0cbd97f641e381f333fd0634cda76ae42767a9233ebcd1bf9f129f4ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2543
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1625
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 11:32:00 GMT

GET
H3 200 wheel.png
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 41 KB
41 KB 14ms
14ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/wheel.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2d1582ca42ff7f3ea326fd1f5c1875c6f9d7e61b7dd2182bcd25019b1519739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:34:08 GMT
x-content-type-options: nosniff
age: 74415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41893
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 15:34:08 GMT

GET
H3 200 text-3-a.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 4 KB
2 KB 14ms
14ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/text-3-a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c25ae749e499cda3221b28ed76a89d9a95a0b4ecc42c83417222dfecb5549b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69291
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 16:59:32 GMT

GET
H3 200 text-3-d.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 4 KB
1 KB 13ms
13ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/text-3-d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79542c89c86090f3175a47533c3aee563f88fd30a2f4b821e32e5648c3ec1ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1158
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 17:31:35 GMT

GET
H3 200 cta.svg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 4 KB
1 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/cta.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f781152f1c6fae24f4564b0836cfd664cc0fa210ef73e2439148b8551b0fd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 09:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1048
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 09:04:33 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/js/ Frame 3772 2 KB
589 B 14ms
14ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baebe1d44bd3b42ab45b474c20fab3fa861b7f6bd5e3606e3d2ceaa2f4ca8883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 560
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:07:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9F4 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaElwH1p0Zbm8D-WujuwPx7KesAwAAAAAOAHgBAI&bg=!zs2lzYLNAAY3kmNgF5I7ADQBe5WfOLRdsVVjnZZbfyTMPlU5qhDpBPIu4TscEG6QVt_efrFoqmQ_bs7GvClpVkyJoh9rAgAAAFVSAAAAAmgBB5kDlHFsu0h-IqrARbwyYNGPPCTJhBz4ivxidEvbkH-KlCc0og1ONo_Uu_CGG6FBUKMpEkejQyTc5TnrofxEmJY1jOZG9mpqCS2t_PftJtt36UdhLijSvSmBH-hbzRDU0FH-a3di3GlJtK-vSubGU5ufLH3XpCAJWzvOEeY5CQRVgU_HMRvEzJYkfzVW4FJ_oZ3Qrr_6S2L93A4BQ7UTGUVL6Rfh3bEnKMmmGUG-yssnNrlYaom0doUs02rmJKlvgU5tQYYT6P_xZPIENb601Sv5iw4z76OX3G3ul1wIBldScmVpaSENLfrDaDRjm259GBc43nvpfVHqDNdGhQ27n2ILfm8E5qUiq2h7hPWYHq-zFcBgYMWY8_WPUKa63vvPavJ7p45RO9gceoe9kaL7uuUuJP9u32lo7NceVYAVIKr_VlMgvPm2B-AqoCJLh1ES_RChvdL8smTD1OHZTuQT34yXg362eJ2EfbUnEaIyM9-3iUP0eI9bNgdKpCz_LT2JntiP6FhFkdsr9lm0DInAH2PMPizOTssKopyoo93ebBenlDTKHFmjKru3JLEke5PwUbx9tBF-dNYADY7T8Jx-gCzNoLgb0iokLo2idSGcdYnwCGU5a4jOQSaaEtTE3k6A-LI3UVoHl7so5oqn2rETfZbwb3EHpFnl0bRJbQXieu4bByPuj9zV3HIsV6VjOFT1FRrrUode-uL76pnIy7-Je7w0xHOnEc5IIUgCeJoJ08yMlSEZ206caKtp-O1l48SkoigGatAJxqeDG2frAdcJcttc55jfDS5zioafdegSW9FT930Y8GIIloyIgRQGVIaV1RSP96uyV_dhXmwMPBxujxBaHojgMr7BOqXFASZxH0L8Ghg93Q1Iym4OAH6fqNcN6a24DaiNqtSjg42o_IbtdztMxMcnN3em9LvA6n524sa8n8-ckhCh0R6KPsH1DU0YM00q6Db4Gqz-rsSNJ-P3LINmmC6JsByj-rnycqW6Xmu6CKR3aB8dgVtmEEcS4b1VwV-ruT_wBTi03eJ_QSRHNZG0wfU1NMnLhBE55CeqMmroQWv9U31D_r2LTbZWLYT7KVqXTrzKoQz1wWP8E3DzTFzMQ7_KEhsSgOZR7TUM2qlQfInYV5na3p5qPcbFKNedr04b1JYNQopwPvCAWy2rxOe7S06zPQ0NgtZ4aXFKB3rzNsjMB0KNw1j5O1Ha6I5mDJDw_LNp6wQ

Requested by

Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/ Frame 3772 84 KB
84 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84e57a8533b86c8a5e6ee970a3d8302c7cafcc2633cfc457be573101c4b69b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7306417857189039219/JPM54104_CCSF_GP_2023_DE_728x90/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 08:12:26 GMT
x-content-type-options: nosniff
age: 14517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86092
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 18:16:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 08:12:26 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame DE88
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1520186/71964881/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012253692&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20287343715&bi...
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}

17 B
475 B

21ms
21ms

Script
application/javascript

2600:9000:2127:ba00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2127:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 6339185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: IEunZq69Fv7A8JcPkPLyvtxxNNb57ZCi_M7uduibYJhUCJlJQH0qkQ==

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
server: nginx
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3325 91 KB
23 KB 25ms
25ms Script
application/javascript 2600:9000:2127:ba00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 6869113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 5lbqtuW04yX8hImVD82wf7ugSmB6E9qzfcQ1s3MECCqpnMYwk7twiw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE88 43 B
215 B 548ms
181ms Image
image/gif 2600:1f13:800:7782:7a4c:88f0:f811:a639
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=496c327c-9fb0-d0bd-88bf-80062268a3b9&tv=%7Bc:wiXKcJ,pingTime:-3,time:179,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:179,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:151,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXWz6CK+11%7C12%7C13%7C14%7C151%7C161%7C171%7C18%7C1911%7C1912%7C1a1*.1520186-71964881%7C1a11%7C1a12%7C1a13%7C1a14%7C1b%7C1c,idMap:1a1*,rmeas:1,rend:0,renddet:na,siq:152%7D&br=c
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:7a4c:88f0:f811:a639 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:24 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE88 43 B
215 B 546ms
182ms Image
image/gif 2600:1f13:800:7782:7a4c:88f0:f811:a639
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=496c327c-9fb0-d0bd-88bf-80062268a3b9&tv=%7Bc:wiXKcK,pingTime:-6,time:180,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:180,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:151,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXWz6CK+11%7C12%7C13%7C14%7C151%7C161%7C171%7C18%7C1911%7C1912%7C1a1*.1520186-71964881%7C1a11%7C1a12%7C1a13%7C1a14%7C1b%7C1c,idMap:1a1*,rmeas:1,rend:0,renddet:na,siq:152%7D&tpiLookup=ao:androidmtk.com*%2C0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com*&br=c
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:7a4c:88f0:f811:a639 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:24 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DE88 0
0 52ms
51ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxScFH2DFiddA3092JXWvX8_LWcM2lht5dbVuNhWlu4Vk0gDhw2UyC58Xjhfah0xqjk8zzDCSK2MMSHnnhYl1UjJa_IaBtep0F2wkj5E9wno9r-knkJSQ6pDviMWWAF8NtHsVPLSTLAW8e2ER-KE4dIAQSvWBoSXyFqnFK9OH8bR8U7aN6VYExUHMTmdCt8tO05dqoA8CsIB8CI3ccLjVGD-Yos3UqnfDeRnQw-i7E8f8rOI-L26XFpjdrQTqMXTMdXCfHCwSpDuszKGqQfU4bZ2ScXSBsFhTt9O0tRD4fkD4qPvvHYGMU7WwgSBF0st0fzYWmSuIP2ZHfIHz54TVmdKMq4IxbVGlc6sNGIYRyZygJK09Lb8y_DYEtDvl-jXTkC7A0WKetMHByiC7xrfrE06oH1FXqkCJUw1f15ALdDbXn7R0FC4UZb34ZEdffEcIG6aZs-GGIHm1Jaz0XAfvMoStRds1PhanZx0eiPEJwIscUjdTcSJAD-sD9Sr2zULcDQF3BLwy7JAQDHD5QKts_SETjK9_qGeYOlbJN8R2gr02fXohnavjx652Yl0PVjJbK2oORBtYaQHX1JrCewbJxiysX5lj8QQppw5re4xO7tpy0IzjJbu1eTWvE8SVFDCPcgqSnV5oSMEQtAC051xjWFmdBj0PlQSTGmSG9bnQquelPSw84wMBprdzP9U-KlepUfebHL2QkGoUoasxAWR_yKQtTCTv5K4r7G444sKi65b2gca3aNRYgJ5W_KbWGPL_LlxGT-I0J0HhT3AHeqoLhI2UcknXP0Za_Qr6vPFx-IYuzGLxWyWwa2wBNsGAxeDCgJFTUF6lNxSiLHnuheNsbBmeXXjs86MD_Rfbqm5GQ47WHfOsY7WO3xun6RGM93bQSzmNRRpJHfPj3NkryOQyrF94YWvpctNzKwzPNLDKZ3Xz0qfRnQBMGXM1O0qdxnHzi2NM206dMaQjl-68lIR--5k2hH4YEidpwJnmansUmdBSsvNr1XEKikd1kbhNcDfbAA_BP1rHx__wyp0Gbgm89jgFuOuzHIBAAgTVU8RgYxEKP5TGRyM-EkUkPuKrHoHmvNalLZYNwnMHgaosQlUTupcOvqEr4ct3uxwzbBueE2JSzf5sEsPwGWVWUXzoXsRswucKd4zqUBgiy8ZNQyoqwkh9k6mbWrwi4FKvsU7IupVmhu8n9Rc-YOAVOwVDei8bPqzMzRYeu0IrPhaDbq6oDfjbXoCZeLkA70ax9mQnUzw0SEI-Vqn8-mbqJPd2FqWdjEy_kdrRMbfw1w77q8tLI1-GNpWqCOfLkN_CXDF-aWoQUkDHJT3F-VqxKOWY-vT9yIGWS84ErNuR1CUKXuHGfCMC4ea77SCJiUTJA0y7QSNqjjWzUnFJEIwqoMdAP3Tr9wHFkDu-jaXgHXYZCAXWNaXgk5kqjfj8Az4rvTfdjNuqnUYLLy6mo&sai=AMfl-YTFRtM5ro2TpKYErZv54ExBjikyTxiRi0L5ICZaeTfDwLhWdB0ftiCiuGCRKuRT80UQWee1q9bl45VjuizCyRfHTpuVLxjV0biBEdih4-MvKvIyoQ8Fq5s3iusxACFE3PiZkw0WrqEoPSMF84LpkGSwJ5ydpFVwNtzP5dMLJyFGxcVF1uu89hI0L3pjl19F3m7WAGheitbzQhAXxsNuZgmANLrm3SKs7kuv8sQvvMcfus-cTHlOSPDSL6jS5unipuHva24&sig=Cg0ArKJSzCQNzeOWmL9FEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=330&vt=11&dtpt=228&dett=3&cstd=100&cisv=r20231206.94473&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: androidmtk.com
URL: https://androidmtk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE88 43 B
216 B 538ms
181ms Image
image/gif 2600:1f13:800:7782:7a4c:88f0:f811:a639
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=496c327c-9fb0-d0bd-88bf-80062268a3b9&tv=%7Bc:wiXKcT,pingTime:-2,time:189,type:a,im:%7Bsf:0,pci:%7Btdr:37%7D,pom:1,prf:%7BbeA:330,beZ:331,mfA:466,cmA:467,inA:468,inZ:471,prA:471,prZ:477,si:482,poA:483,poZ:495,cmZ:495,mfZ:495,loA:510,loZ:512,ltA:518,ltZ:519,mdA:332,mdZ:445%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:189,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:151,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXWz6CK+11%7C12%7C13%7C14%7C151%7C161%7C171%7C18%7C1911%7C1912%7C1a1*.1520186-71964881%7C1a11%7C1a12%7C1a13%7C1a14%7C1b%7C1c,idMap:1a1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:152,sinceFw:35,readyFired:true%7D&br=c
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:7a4c:88f0:f811:a639 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:24 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=3124438057950018&bg=!iYqlisXNAAY3kmNgF5I7ADQBe5WfOAY3-AnHVUIGIuYRfPHSWSIC-DigcpOAL0ud_BeHnZzai89n4DgCaqrp994UvT7IAgAAAFxSAAAAFWgBB5kDAw_wzTZcEiFeV3ZP8cK1F4bHJxRPaOd1DD7gkBXkI2qemzHV1hnQonwfeo5GP4MZd1ionxs8uoBhBdXibkKPIx-EMeuKwrvw0O6EqhTzbro5FCfcU81XKhHXRXkCKLf1qRuSE4azryH9mTZw-0WB6WhCs3hjVLf8SuJ0jLPDaYMETIlaO8U7KwQGa3gNrbcPltMbWh-jPa6QeqRttK-fD4l5tFSMYexuzqKSiE9b7S_2Vaib2xRKXsy-Id3kluYIwhcDvaYkNE4K54bUjkjD7mJcXAzgJTO0AvM9DxGFgaCgwsuu8H2r_Toj82yg_Ksz8VD2H5Gm0KpnVYy5PuoMuMOzNbsQi-Q_DFXBdA7MMRDmtrzDPOoyl9KpwX3JMs0zwv0Lpk0FilF3pfaBu1jritVhoT5hrenPdYvIgHs8w4roMW7bdSo0hj9P3U6OhUWQqujR7O6uKYyChqLVLiPqvd0Tl5BlFk22yIthMA3-Re3NFDcHzWVtxVJ4W6-PmaVCmcB7yrfv2sGccMofjH6HGffjSibcMhdME-5LybESj9dkrhInzO4GZiBC8knTMginOiEekPtuJfVsxM2w6B-fQKsqCGRJAXJJy3So8_4cc8Q17vNJiddCn_EsvFMIHyezyrIU18Q_2id1WW619ZwPF2RsE8wL5Zh-eLCwGg9Rl9ZuuuOlmWY3zIwU8i_RkswZVs_ny0b7QuzAaO_1VCxE7dxPyoccEZ12tayThTYOzxjOLtw4VvW8sB1fSoXRqxXjJ6YeHOZhL0VvKPBoEOkHlNcDNa2K8RxKEEJZSoa4WlXVkhn8WToRbFpqyGiobO_Df6u61OC6x0QKlKbChcBhmwK_f-pSX7U72Y36CAG1e9feH7HwVuLuDo6Wpbuyq5-dVCCFqjO9PIJ6WNngvp18_1oWTfeIGN4HgzRlsJvaKkoIB5oyCWheN4zhQQP8WqiQP-UGWSNP1eQqVg_HkxD80IlBTNuzLesbYvYtIiPDIfjStD4d0_K1XXVhck2TkWeFYxt9Xg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F468 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbfR9VANeni1f9LMPfI-iHG5KaT9EFHLQk4YLrrQQLXmJwFwJU0YAo7M04kOaQ8nugoguNkRKjkpchYVNen6M62AkHq40bYjacQg24r83Joxa7i2bd0k1Ofu53yHMHxTiiqKKGATF6khm5&sai=AMfl-YQoP5CceCH7xrXg6SZK-Jo-qG3yY1kMcJfx20Nn3RWkk9hIrlQitphdLfk0Zv_LM9DWieLKGJ0Hpgefz-zSPC9gfaq3jLFFOoCwsi68qwwvHNujg0_X1QXcLXIPhGVrJPhgTF6PjuMrsKEKmqxydSGepaGY2snwcw8&sig=Cg0ArKJSzFujPCg_FwQQEAE&cid=CAQSTgDICaaNh6_iNcYTqxKRTtTPaWWmXN2L2653dPM2XEAbcxuYX6pZCv52BXFCh3xmsYGNJek8dNlmQBOMXybQKFIukoMcylxlg9D3KCwalBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=519304273&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702124061982&rpt=902&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 277D 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstd7hroeGgQkJbbnKae4Jy-H-ULvpcvP2hS3Ibce9lAGo4GBdZf8YLFzQxUGf0VAvxThgyy8XzlBVzrOiK-H_FyfsCAyC2wivS-B-7XMSJZ4kInzhMg_NPyjxAC72w4vAFrB2Zg7Q8FqCV4&sai=AMfl-YT8EU2rHY08mek9Ptqzc-dRzXsdnBi2a2ITkjjL4yAxWwH-o5Y5f7nPWpgy54B8n5dUb0WVqnPuUESwB-fHOa5pV62ID0BWfx9eSwgirvvT7wrahMxkpKpp9I3tp-19gXk-TfkgLvfAXjYb3Fm7v-R_FPYSRrxs2DE&sig=Cg0ArKJSzGim8eMOiFEKEAE&cid=CAQSTgDICaaNVBVIHGVmW5HaGn4Y2TMpZlGX8FNKiI93l8N_nL6hnAY179OEgTic37lg-p4PM9OGZYECVOq5mLsTYpmvqainhBzfqqfsYsh70BgB&id=lidar2&mcvt=1022&p=0,0,250,300&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2577869848&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702124061997&rpt=932&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE88 43 B
215 B 213ms
181ms Image
image/gif 2600:1f13:800:7782:7a4c:88f0:f811:a639
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=496c327c-9fb0-d0bd-88bf-80062268a3b9&tv=%7Bc:wiXKi6,pingTime:-10,time:512,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702124063970%7C%7C5ca8f7555863266f05e9aa0df87bb1e6%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7Cd8a22a5ed95f92460b17b5a3af1ed1a2%7C%7C824e8a94a84ac60a29b093308236b673%7C%7C81477deb073316cac36b129ef8548c37%7C%7Ccef8d0d2c9ee00c00bda721f60eac160%7C%7C9ede005dd768c9042240c6a3c0b1299b%7C%7C1663701684%7D
Requested by: Host: 0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:7a4c:88f0:f811:a639 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:24 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE88 42 B
64 B 164ms
164ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlPMMTWjzGUG8eBfZ4q_CuAIphVvjU_Sb-gAaosfQtwmcWLlgoPIPZwpQ-Jb9AE2IwaLkmBkpCunJ_q2ajsf9NOcAC5OMqWBxOB4rSmir8o6LiTkA7bRRHlTKdwrMRvqowhjF9UtltjvHv&sai=AMfl-YRG6VjeS1419oKVBqJ099fbYcz5O8g5QXAinzcrQEUirFrpCYM6nlbOwh7UO5WQSWI5T5u4GNjM46LvOgOtGEi-HcKMYyd8nja-t65CTVyAM3d1ypQ-yEAEdUGvig5VcI1O4KPZF1A&sig=Cg0ArKJSzKYbY26ezb-XEAE&cid=CAQSPADICaaNrGOJyJ6lDWJGKsimKfXTQMyBQPb-SHrvDMOr5OQmnHHFqyvs6n7W3m9tVie1u5hNtkwwZySMChgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=357,854,1000,1008,1008&tos=357,497,146,8,0&v=20231207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4264741604&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702124063128&rpt=233&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE88 43 B
215 B 3644ms
3643ms Image
image/gif 2600:1f13:800:7782:7a4c:88f0:f811:a639
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=496c327c-9fb0-d0bd-88bf-80062268a3b9&tv=%7Bc:wiXKt2,pingTime:1,time:1190,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:151%7D,%7Bpiv:82,vs:i,r:,t:190%7D,%7Bpiv:100,t:590%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:151,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D,%7Bsl:i,t:190,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B400~75,600~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:549,fm:tXWz6CK+11%7C12%7C13%7C14%7C151%7C161%7C171%7C18%7C1911%7C1912%7C1a1*.1520186-71964881%7C1a11%7C1a12%7C1a13%7C1a14%7C1b%7C1c,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:152,sis:252%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:7a4c:88f0:f811:a639 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:28 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE88 43 B
215 B 3960ms
3960ms Image
image/gif 2600:1f13:800:7782:7a4c:88f0:f811:a639
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=496c327c-9fb0-d0bd-88bf-80062268a3b9&tv=%7Bc:wiXKzu,pingTime:1,time:1590,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:151%7D,%7Bpiv:82,vs:i,r:,t:190%7D,%7Bpiv:100,t:590%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1400,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:151,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D,%7Bsl:i,t:190,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B400~75,1000~100%5D,as:%5B1400~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:549,fm:tXWz6CK+11%7C12%7C13%7C14%7C151%7C161%7C171%7C18%7C1911%7C1912%7C1a1*.1520186-71964881%7C1a11%7C1a12%7C1a13%7C1a14%7C1b%7C1c,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:152,sis:252%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:7a4c:88f0:f811:a639 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:28 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE88 0
20 B 3016ms
3016ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7385620211134&version=m202309260101&ct=76&x=1&cor=11916805575705730000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 718ms
717ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YSN850P8DS&gtm=45je3bt0v9119078127&_p=1702124061500&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1012766198.1702124062&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1702124061&sct=1&seg=0&dl=https%3A%2F%2Fandroidmtk.com%2F&dt=Android%20MTK%20-%20How-to%20Guide%2C%20Firmware%2C%20Driver%2C%20and%20Tools&_s=2&tfd=6090
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YSN850P8DS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://androidmtk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://androidmtk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 493ms
493ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://live.demand.supply/e/e.js?r=androidmtk.com_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=YW5kcm9pZG10ay5jb20v

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.24.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://androidmtk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nf-request-id: 01HGATW477KW1RVN2F109RRJ91
date: Sat, 09 Dec 2023 12:14:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 347438
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "a49e9f0a501edbf396bf43092ec1efa3-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 832d2b01aea64d50-FRA

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE88 43 B
215 B 357ms
357ms Image
image/gif 2600:1f13:800:7782:7a4c:88f0:f811:a639
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=496c327c-9fb0-d0bd-88bf-80062268a3b9&tv=%7Bc:wiXLvy,pingTime:5,time:5190,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:151%7D,%7Bpiv:82,vs:i,r:,t:190%7D,%7Bpiv:100,t:590%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5000,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:151,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D,%7Bsl:i,t:190,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B400~75,4601~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:3646,fm:tXWz6CK+11%7C12%7C13%7C14%7C151%7C161%7C171%7C18%7C1911%7C1912%7C1a1*.1520186-71964881%7C1a11%7C1a12%7C1a13%7C1a14%7C1b%7C1c,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:152,sis:252%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:7a4c:88f0:f811:a639 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:28 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE88 43 B
215 B 179ms
179ms Image
image/gif 2600:1f13:800:7782:7a4c:88f0:f811:a639
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1520186&asId=496c327c-9fb0-d0bd-88bf-80062268a3b9&tv=%7Bc:wiXLC0,pingTime:5,time:5590,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:151%7D,%7Bpiv:82,vs:i,r:,t:190%7D,%7Bpiv:100,t:590%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5400,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:151,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D,%7Bsl:i,t:190,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B400~75,5000~100%5D,as:%5B5400~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:3963,fm:tXWz6CK+11%7C12%7C13%7C14%7C151%7C161%7C171%7C18%7C1911%7C1912%7C1a1*.1520186-71964881%7C1a11%7C1a12%7C1a13%7C1a14%7C1b%7C1c,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:152,sis:252%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:7a4c:88f0:f811:a639 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 12:14:29 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

319 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-21 02:24:44	Name: demandSupplyTi Value: a0cd3a19-27a2-4678-93dc-958c8c09fa4e
.androidmtk.com/	1970-01-21 02:24:44	Name: _ga Value: GA1.2.1012766198.1702124062
.androidmtk.com/	1970-01-20 16:50:10	Name: _gid Value: GA1.2.971171812.1702124062
.androidmtk.com/	1970-01-20 16:48:44	Name: _gat_gtag_UA_49440195_1 Value: 1
.criteo.com/	1970-01-21 02:10:20	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:10:20	Name: uid Value: 05948096-a45d-465e-abd8-b000c9fb396c
.androidmtk.com/	1970-01-21 01:34:20	Name: connectId Value: {"ttl":86400000,"lastUsed":1702124062046,"lastSynced":1702124062046}
.androidmtk.com/	1970-01-21 02:10:20	Name: cto_bundle Value: VPV1yV9sMUtjbmc1aVlaWiUyQnklMkIlMkY3cTZMTHQ5RHAlMkZLWWpEVzd0RWszdFQ3TmVKcnc0STJ4RUxZaEpFZjAzTzJWNG9RQWdqeFFFTUozWnIlMkJseldSR1IzM2ZvMWoxJTJGMkRPTzl0RDc0Mkx3SVlkbTZGY0xhRGFJdlMydnY0dFVTOGtUVmhmNTZTOWxJWkJEYnZoYnhRRW0lMkJZeVJTdyUzRCUzRA
.openx.net/	1970-01-21 01:34:20	Name: i Value: d841e5d5-b565-47d2-8960-c224e8177884\|1702124062
.androidmtk.com/	1970-01-21 02:10:20	Name: __gads Value: ID=07ef3b81cd99d9a4:T=1702124062:RT=1702124062:S=ALNI_MZanc8mTY9bGpprYidpdqiCyJZ45Q
.androidmtk.com/	1970-01-21 02:10:20	Name: __gpi Value: UID=00000d10e2e44d48:T=1702124062:RT=1702124062:S=ALNI_MbgAZNS3l7ErTgaRVkVjiPlTcUeDQ
.googleadservices.com/	1970-01-20 18:58:20	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 18:58:20	Name: uuid2 Value: 8646933742321944790
.doubleclick.net/	1970-01-21 02:10:20	Name: IDE Value: AHWqTUnI1vp-BO6SKIMzaU6iJyzRKZau7Ug2DnONVh8K2Q6JeSakRlIGv3CjmW3Lh4Q
.media.net/	1970-01-21 01:34:20	Name: visitor-id Value: 3451256627317528000V10
.yahoo.com/	1970-01-21 01:34:41	Name: A3 Value: d=AQABBB5adGUCEBCoOzEt433szuW_NtZD0KcFEgEBAQGrdWV-ZQAAAAAA_eMAAA&S=AQAAAitxqQgbAaqjWfms3pK-W8k
.androidmtk.com/	1970-01-21 02:24:44	Name: _ga_YSN850P8DS Value: GS1.1.1702124061.1.0.1702124063.0.0.0
.demand.supply/	1970-01-20 16:48:45	Name: __cf_bm Value: HZ6xEoClcRrdaSPyU7jueTvaunl8h266Dxhzp_SalTI-1702124063-0-AUVn6cbcjWX0r9npNXjDxIPeGfrrKZNSkqPgX/nZ+CrdiLSkIKHf6191kttgEnsOi2RLlbVttuXuoDku6oQO+5U=
.casalemedia.com/	1970-01-20 18:58:20	Name: CMPS Value: 3295
.adnxs.com/	1970-01-20 18:58:20	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVVeQ5_a!]tbPl1M>e)ZlrFUfJ+tGXxo7<YgZzKyG>j<8^m5<WYk!b6mi7_KCEn*O`v:3If)y3KL9D3I?+i3Kgz:
.zemanta.com/	1970-01-21 01:34:20	Name: zuid Value: yFD6cGwYLW2peYzxbeN9
.casalemedia.com/	1970-01-21 01:34:20	Name: CMID Value: ZXRaH0uWlyIYZVBBJ8NtNAAA
.casalemedia.com/	1970-01-20 18:58:20	Name: CMPRO Value: 3295
.tribalfusion.com/	1970-01-20 18:58:20	Name: ANON_ID Value: a1ntuJMwTkE6XlypqpMS1ZbFHyDTDbdx3jA7Ams4hMjMdQiZaGky4EQN02rHksoDbxaHJJs2FBArQDRATSwb2eYHUf
.doubleclick.net/	1970-01-20 21:07:56	Name: APC Value: AfxxVi5kvUBvNTTeXiKLI1tWZ-kOkXJmhREF7SgJew_PvKpOtrcaOQ
.mediago.io/	1970-01-21 01:34:20	Name: __mguid_ Value: 81fa84b7097cb6321h7gnh00lpy0pwqh
.de17a.com/	1970-01-21 01:27:08	Name: guid Value: 1.7243459742025399009
.turn.com/	1970-01-20 21:07:56	Name: uid Value: 6986211286907704342
.demdex.net/	1970-01-20 21:07:56	Name: demdex Value: 46827650811303886981342209564758616823
.jpmcbankna.demdex.net/	1970-01-20 21:07:56	Name: jpmcbankna Value: 46827650811303886981342209564758616823
.yandex.ru/	1970-01-21 02:24:44	Name: yuidss Value: 5853662081702124063
.yandex.ru/	1970-01-21 02:24:44	Name: yandexuid Value: 5853662081702124063

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=193268044&d_placement=368994727&d_campaign=30127422&d_bust=2881121225' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
javascript	warning	URL: https://androidmtk.com/ Message: The resource https://cdn.androidmtk.com/font/inter-latin.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://androidmtk.com/ Message: The resource https://cdn.androidmtk.com/font/inter-latin-ext.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://androidmtk.com/ Message: The resource https://cdn.androidmtk.com/font/inter-latin.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://androidmtk.com/ Message: The resource https://cdn.androidmtk.com/font/inter-latin-ext.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0e912557e24be3b571e7a42d8e28ab28.safeframe.googlesyndication.com
a.ad.gt
a.tribalfusion.com
aax.amazon-adsystem.com
ad.turn.com
ajax.googleapis.com
an.yandex.ru
androidmtk.com
b1sync.zemanta.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.androidmtk.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
cs.media.net
d5p.de17a.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
invstatic101.creativecdn.com
jpmcbankna.demdex.net
lb.eu-1-id5-sync.com
live.demand.supply
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.google-analytics.com
rtb2-useast.e-volution.ai
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
trace.mediago.io
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.35.167
104.18.36.155
142.250.184.194
142.250.185.226
142.250.186.130
162.19.138.116
174.137.133.49
178.250.1.9
184.30.211.26
184.30.24.22
185.89.210.101
192.124.249.19
2001:4860:4802:32::36
2001:4860:4802:36::178
2001:678:cb4:bbbb::11
213.155.156.182
2400:52e0:1e00::1081:1
2600:1f13:800:7782:7a4c:88f0:f811:a639
2600:9000:2127:5600:a:e047:753:a221
2600:9000:2127:6200:10:dd8:5e40:93a1
2600:9000:2127:ba00:8:48e:53c0:93a1
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::ac43:17ea
2606:4700::6810:5814
2606:4700::6810:8616
2606:4700::6811:190e
2606:4700::6812:19ad
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:830::200a
2a00:1450:400c:c02::9c
2a02:2638:3::3
2a02:2638:3::c
2a02:6b8::90
2a05:d018:d29:3602:1a0:3675:b602:a15
3.71.149.231
34.102.146.192
34.120.135.53
34.96.70.87
35.157.229.177
35.208.249.213
35.244.159.8
52.209.195.170
52.212.5.247
52.222.253.136
54.93.159.64
63.34.88.188
64.202.112.95
65.9.90.93
65.9.95.100
65.9.95.83
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02c909028d54c99ae21aca9a75a6a98f950c00d67f367d052adea83ae5d70371
05a765e98d1bc5f151471c2052822ec56f5ad0fb3dca16c1dc9bcc8d27e7f152
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
078606c18353237e7225d356ee99be69817953625784361480e500906341ffe5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fce57382360503d42af575d27da4852d9f5592f199ade6d484aa4019d6ce1a4
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
166b58e72e03d4ab55d09650b70b5b064ed2b76d0c763ed05befd52cf41390b0
1820e7494ef64b6c9e882871c0766fe4439592c8b4f2f27a7467121af10d5511
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19b521d7e53d0bd1dad875fccf744ee2c6db0eebddbd671c369b31eb55530c35
1a4d3e21879c4a141048e99f02918e540934bb8fe5163bce79c01631520a63a1
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1b93f9d24a224217e1780c770f5bcbb411934d29c38eedfc988a8000d0315ff2
1c7c4aaec4a85d283b91782044ba449a59cbe4a0d3840a408831d57b6d4053de
1db873cb04140a89b8115a392783072f4208dc37ad86677512454708931ef493
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
259207d6b3e4001f0a6c634615e84b15f5305b6ac282a3d65fafeb28aaa62bcb
259c41511ed9f9f48c946c13ee0252232c271ccfde7e304d84495c66d60fe386
2849e4fb1711147379c4373a2a59e9f8263a70c6aec292125b3a9588dee825cc
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dd933d7949b64871c962451cfb013daa86639d5f470e9d3c7e0859ddb7ecf06
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f781152f1c6fae24f4564b0836cfd664cc0fa210ef73e2439148b8551b0fd72
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3920625e348d5be5c12e3fffdfcad00356707708e68a57fdc5801ea004a23635
39ec144c2784e505a6998ac7bc3e6c43c0978b5a777065d24a58ebf14285db43
3bab9a6a97bed8bc6408476e278ee40c487e5cd077175de044809d6730b9a1a9
3f2a832e7c4990cb2001fe41fd4bcaa7269c9b8baa6c138631e93fc917f8369b
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42dbd5286f7727001e0fcddcfde268ff7a81dfe74a67bd09b2887ccd3c10a4a9
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c2b3661cbab14bf2f65169b8a1a7d76bbed9d87137e3e04a0e3447b2171152
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44823dd01414b7a1ac5fcaee0268c94841942084683606d9147da14bc947d9a4
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
583658c0cbd97f641e381f333fd0634cda76ae42767a9233ebcd1bf9f129f4ef
586ffd56681549462c55a051eb4b1579ed16c49f7d7d7281818b0aec9c1ffa38
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62eae56609e78c701d5f6a0c1bf64e1bb71bf9c1e943e90e95a2f4cd70c1a7be
649af545f5efd2a265363ceeb7fdf9dc6dc8c85dfba4d7d3a538930c3d181b39
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
6aa17d5b5ba408fb8ae8b688c51769e1d55f87d200c11e9e24ca845b7804eab2
6aa3f4d92264192f442ec988a659128ff0cada54006c7bbe051f1644c3c06e8a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6c25ae749e499cda3221b28ed76a89d9a95a0b4ecc42c83417222dfecb5549b7
6f95c3c9ac7d60cf4b9988776e5a25ee51a9391ac51d0cc5bc8dae1f0ea0029c
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
7dfed722b6c03ef1546cc7e60cdbd7597ca3597a135439dacf4abdb1f1f3d39c
8127d6dfb7da3bc1eb3b7ebc9feba37089d8a0d9b45c69fd71e1490fb091d9f9
83b2f480760f49e79ecc1bc0d2c702485710e48546b0138adfb4cd1938ab5916
84e57a8533b86c8a5e6ee970a3d8302c7cafcc2633cfc457be573101c4b69b0c
86914a9b596f0b4e507b1c32e985a7c4f98af4131a48a31f02709c60730b114c
86d48a5aa826b41407e603ca336ab43200607642fbe4918454a800ae2938efcd
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8ad48f9b579ec55aa5e267c3a8b6a445c73ba918c92cde9e29e03a2bf67a008c
8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8
8bc684c2c8990df79ea3e27cc4bb5be98d6e40747b29cde77dfb28c6c6dc94c2
8ce566978c1b87f5865517a8b81b537110c2ce82f2fb7301eff12bbdc7274ee7
8db73f93748b2f7f1108a601933d768f9821956e529af6ee30fd3c553077b6cf
934da88d6589b40680733463328dc6a694f48db07e1b8dd50f09f94ff6efd81f
939a77e51b49b4a03c7ccc745b80804dc97a0543f2d16de724bca82e4e4974fc
93fa1f461fbf9f80e5ff4d748550320757afe572b8e96461ed879fe36f3271cb
95abaca5a5f710cf478b0360960174ac2153a14f8e875794d2dda4df164263ae
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
9a430aec99ce867275e14de9a553dbaa8bbf7a84d371a09e49811bac89cec504
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c741b415dc834b1d2db74572c007d6f3f9f796fb729ad39984a86af98839561
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
a33fe8ff7872098b135e75197ae2802839699d34036a478d60a7c500e8498126
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a79542c89c86090f3175a47533c3aee563f88fd30a2f4b821e32e5648c3ec1ab
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab8e7bc51bf9df43a94c40ee45f2d841858f26d3a256128e58caab49297748d4
ac62816f48af5bc603bccf32f60c302e5e82b20f4044fbaa6550dcd0f2858ebc
ae03fcca3cd509d77368377c524decfa506278185a38be4b03b9ce057024ed11
ae0d8e86e70bf00937399b1ebc3df4936e41aca55e4dcd63f0333ccfe9bdbded
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b07ec8dcb86cc9098abaa4ebd584f223c366002428e034401631dee8cc497c2a
b1263b8480255c6ba085d4941071d96b9c18fa5cd1dd98478ace96e050294ef3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
baebe1d44bd3b42ab45b474c20fab3fa861b7f6bd5e3606e3d2ceaa2f4ca8883
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c5a5785c019eb0c495de22e9d18577113f12810a081efdf9e232147240bb7ea6
c5b25f85c97eeddaac406113b7c369d0e4a98baa02fef7b6a66e041af389385b
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c84ddbba199320b818a824527ffaf1066934f62bf181d0918f98f35412a2186b
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ce9ea19684649109b2f96f68959eb825a59c0d45434dde55c34d5a1ce5aef0d7
d4cbd23e676af725606e4b7315ba69305b60d19b55f3cf80c1fb2af27b439945
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e01d8df5c11c198ea411a508c29886673a35cdc669031d6672e196cd4d850706
e2d1582ca42ff7f3ea326fd1f5c1875c6f9d7e61b7dd2182bcd25019b1519739
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e67dc4d4d8c78146bf82fe896ece23721715bca0fc64f21896f42b91bdbaec5a
e6ec20f1cef50a96d5038422163d53fff6b668609f5b5c2e767b736c9b93c387
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eac9d64d880c2d41221d5902e61ba6471d1b120fee332967470911da1279958c
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecf77f3066349a900d6846e1a3db74b84a0af0014f947c240ee2d55759fbb6d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f7b98294905bd203318708c3c2e988e2db04d81d9df94ee0b25c96e7923e11
f246538ddccb3e802a628fa55967ee7a76047d04473fd29253584ec2a3b0b68b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f90bb76e91d54af973fc49fe886434955aa41bddf64be9df64bfcdbdd79ce0c1
f9b634128345caa20a2aa0e4805a38594c244a0afec1628170274466e84af5d1
fa4a7b3a5fea49cbeb68e1763bc7ded109abb9c1e3b86a4af074cb5998f24610
fcc10636da52fb9f046628f50dfab4d3907391b5700685666a995ac4e41f7925
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff2ebb5416fc267091cf33b038eadae2f4c0aaa5f8b06c8410414e79d40a5a10

androidmtk.com Open in urlscan Pro 192.124.249.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

223 Requests

91 %HTTPS

53 %IPv6

44 Domains

69 Subdomains

57 IPs

9 Countries

2461 kBTransfer

6502 kBSize

32 Cookies

3 Outgoing links

Page URL History

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

androidmtk.com Open in urlscan Pro
192.124.249.19 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

91 %
HTTPS

53 %
IPv6

44
Domains

69
Subdomains

57
IPs

9
Countries

2461 kB
Transfer

6502 kB
Size

32
Cookies

223 HTTP transactions
13 data transactions