apkaio.com Open in urlscan Pro
2606:4700:20::681a:33d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apkaio.com/app/com.einnovation.temu
Submission Tags: @phish_report
Submission: On November 28 via api (November 28th 2023, 12:43:57 pm UTC) from FI — Scanned from FI

Summary HTTP 132 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 14 domains to perform 132 HTTP transactions. The main IP is 2606:4700:20::681a:33d, located in United States and belongs to CLOUDFLARENET, US. The main domain is apkaio.com.
TLS certificate: Issued by GTS CA 1P5 on November 27th 2023. Valid for: 3 months.

This is the only time apkaio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:20:... 2606:4700:20::681a:33d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 13	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6 8	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:400c:c18::5e	15169 (GOOGLE) (GOOGLE)
1	142.250.110.155 142.250.110.155	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4026:2::6	15169 (GOOGLE) (GOOGLE)
132	25

15 2606:4700:20::681a:33d (United States)

ASN13335 (CLOUDFLARENET, US)

apkaio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.34 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.12 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400c:c18::5e (Charleston, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.110.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4026:2::6 (Ireland)

ASN15169 (GOOGLE, US)

r1---sn-ixh7yn7d.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	512 KB
26	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 bid.g.doubleclick.net — Cisco Umbrella Rank: 802	189 KB
21	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1173 r1---sn-ixh7yn7d.c.2mdn.net	229 KB
15	apkaio.com apkaio.com	49 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	78 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	167 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	4 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	192 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	157 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	2 KB
132	14

	Domain	Requested by
24	pagead2.googlesyndication.com	apkaio.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	tpc.googlesyndication.com	apkaio.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com imasdk.googleapis.com
18	s0.2mdn.net	apkaio.com s0.2mdn.net
15	apkaio.com	apkaio.com
13	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	ad.doubleclick.net	apkaio.com
3	fonts.googleapis.com	googleads.g.doubleclick.net apkaio.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	r1---sn-ixh7yn7d.c.2mdn.net
2	www.googleadservices.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	imasdk.googleapis.com	apkaio.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	apkaio.com www.googletagmanager.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	apkaio.com
1	ajax.googleapis.com	apkaio.com
132	25

This site contains no links.

Subject Issuer	Validity	Valid
apkaio.com GTS CA 1P5	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh

This page contains 21 frames:

Primary Page: https://apkaio.com/app/com.einnovation.temu
Frame ID: 14E17D90FD0E81F6E8F4E656DF6D66C5
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 8C05EB640A74130DE7604663CB899EA0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&adk=1812271804&adf=3025194257&lmt=1701175433&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433281&bpp=2&bdt=400&idt=403&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=482684741681&frm=20&pv=2&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=417
Frame ID: 1EBFF9478B097A56C3F893BC95E903D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423
Frame ID: 47E549F8A9DAEE2920798A4CB281C149
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1478383417&adk=3721280051&adf=3528253133&pi=t.ma~as.1478383417&w=392&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=392x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433284&bpp=1&bdt=403&idt=423&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C792x280&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=425
Frame ID: D41E7532142A7A14B2BB1C2BA86D2AEC
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGK2dtP8BMAE&v=APEucNVOSbVQLBYHgai0o8jdbjurVfAj1eHttWTF-T4X4dgduz_fgcnOYbbG1qYOZgCA7cDCtUSa9uhwM4ySyAfje_5g-JoNhb3QC78XSEgeYdh-snylBre1ORHaxxlf7McBOPHGwGEk17wvXMVAoCqjFrhbaPYU_MoNIDbV4hdctpccSWBwbEk
Frame ID: 3D21BF678B59A640DED735C378AB022C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1701175434&rafmt=1&to=qs&pwprc=4756028185&format=392x100&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175434436&bpp=1&bdt=1555&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C792x280%2C392x280&nras=2&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=3
Frame ID: 0D30221E418B7310D4AE53B397B90BE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=50&adk=3375355607&adf=1110404614&pi=t.aa~a.2147701234~rp.4&w=392&fwrn=4&fwrnh=100&lmt=1701175434&rafmt=1&to=qs&pwprc=4756028185&format=392x50&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175434436&bpp=1&bdt=1555&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C792x280%2C392x280%2C392x100&nras=3&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=6
Frame ID: 6BE419A6D6548D610D0DB44650914D84
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: 9194E4E6598F24ED41C8B749A06FCEC2
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: A9D4CA39355C36B84AC8CD79C726E50E
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Frame ID: 67C97347370D90C8396161B368234B7D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGJK9sv8BMAE&v=APEucNX-VYZcLQ3A0Vc_YpASUHoMnZFjeh2_gnKdahrpviZHwwWzJMZZpXbbIa6jv00dsWpCYr1bYDscHK7-AR5KXY0Cvmpc76L5Mhhc8B4lfMezkF1RnBPYbrviOGgSLIFn9UyTgPScxHi7TY5U9iXqvcZPI2n1veh4usQal_FNJ2gVyLJOx60
Frame ID: 4F1394427F49A6B31D993A379553792B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D7C2735B46CBA7867E6D9FBBA5D20AB8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3F30F2743247A52B8D16218EDD1B1A7F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1082146099593702948/index.html?ev=01_250
Frame ID: 2F6796E03FEC0C11A61B0A2222C2F5C8
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250
Frame ID: AFB278647EC60853B7C4CBD969FAE501
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B337739235240F44334D8EB8972CC004
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: DB2EE1F593F00BB5DAD6E750EE007F5E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC935159547FAFD7D30567764287BE72
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5039CAC35C81666575FC8F02229D55F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F14B03D135FEC962C7461DC6B7CF9053
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Temu: Shop Like a Billionaire 1.65.0 APKs Download - com.einnovation.temu

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

132
Requests

92 %
HTTPS

76 %
IPv6

14
Domains

25
Subdomains

25
IPs

3
Countries

1600 kB
Transfer

4437 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBTVPvYNXW8qBd9rgWVV8g8&google_cver=1

Request Chain 49

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXgisfKiQvt0R747hLRlAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1

Request Chain 50

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELQ7CytHCS5s3Wmbvjd0a9c&google_cver=1

Request Chain 51

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMzUzMDk0NzcyNjM2NTY4NQ%3D%3D

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1

Request Chain 79

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXgisfKiQvt0R747hLRlAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEHEnXqaJvB0grFHFOLK-7M&google_cver=1

Request Chain 81

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMzUzMDk0NzcyNjM2NTY4NQ%3D%3D

Request Chain 111

https://googleads.g.doubleclick.net/pagead/adview?ai=CxpTAieBlZeH0MtWn5LcP5MuemAispZ-ja928wO2nEY_0kOPXAhABINWn6JEBYIMFoAG0msTlKMgBAakCJOq1-M6MjT6oAwHIA8sEqgTwAU_QeHcgsPvPOO0WMOPv8h5dKz3E5IelVUmLl16sbRyHaxUJUkIpr0hkwcReb4Az1hJdlFANKO55J_ZW7FE9VhcctUF6uK62Kx_eKdVpwXAjcgg1waQ4zwpk5utTDDbPYv_r4kYWb2ZAGktLEbYklovseBDzvFEAqCH9EDRQ65BCIB8wy4Ut2P_z9RV0SqhQic1UoVVEU6O_6IrvqcLZCplH7UXRPfIhazwtGwClXsf4JjHRIS0bfrYOAUyUcfnxGziwd-TdQmm_oorPlZIxFYr02TcsHwsEXon_ej6l8lR5wUiutdvOfenq9kSXUNFujcAEvJLT_IUEiAXWhLOhQpIFBAgEGAGSBQQIBRgEgAe00pTFA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIqfCtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCRRodHRwczovL3NjcmVlbnlvLnJvL4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtgTCtAVAYAXAbIXHAoaCAASFHB1Yi00NDE2MTg3NjA4MjY5NjUzGAA&sigh=cvKXRWZPulk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN4vuHrRZugpD3waxyo8HNHjrFevMsRjwlZskbGzByA1MGojH3db-QBK1bbKtJ4kC-icZT1PxUuZYpx4KcEkh-DwdarfsKxohwQxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223740387306139247685%22,%22debug_reporting%22:true,%22destination%22:%22https://screenyo.ro%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210950348084%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210363076273086745793%22}&andc=true

Request Chain 121

https://gcdn.2mdn.net/videoplayback/id/80327d0f49d9fe19/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732711435/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4C2D622FB00D36C5CD65C08B82635E121313EA03.0204D486A217E96312C6D56BB11506950C0CC647/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-ixh7yn7d.c.2mdn.net/videoplayback/id/80327d0f49d9fe19/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732711435/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23825DE1AD16FF69402778523C658A46EF34341E.75FD61515B850F6B6B264A453EFD149061AEC4B8/key/cms1/cms_redirect/yes/mh/ci/mip/2a0c:f040:0:2790::4e/mm/42/mn/sn-ixh7yn7d/ms/onc/mt/1701174414/mv/u/mvi/1/pl/58/file/file.mp4

132 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request com.einnovation.temu Show response
apkaio.com/app/ 47 KB
11 KB 546ms
461ms Document
text/html 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

c907d04f737c793eddefb421897d783245d28e0ffcaed10af9184b1f1446601c

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82d2b2f4a8c770f8-HEL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 12:43:52 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAypqTrkiDVfR5eYwaZHi3qXub9mXHlOkZvCF9kyvY9bpjoOiK%2BfghabWV3IIuX4Qd8UC9Iypq7%2Fg17J9NwgIjBjWfy2ifyIvWFOeFb%2B0nnP%2BnKyCCrUktpe1j0mBxlhnLrSHnulQEs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-powered-by: centminmod
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 290ms
111ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4416187608269653

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcab0e6da861ef75f9bbd722e81a1d7f0746b70d18235d672b09dfba2fb0fd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Origin: https://apkaio.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52803
x-xss-protection: 0
server: cafe
etag: 16477268285149193148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:43:53 GMT

GET
H2 200 com.einnovation.temu_1.png
apkaio.com/storage/images/com/einnovation/temu/ 5 KB
5 KB 49ms
49ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/com/einnovation/temu/com.einnovation.temu_1.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

c7c3c43fbd1493c086616633b4ff9b52d41274441633f40ec70fd142dc725a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 4904
x-xss-protection: 1; mode=block
last-modified: Mon, 01 May 2023 18:46:47 GMT
server: cloudflare
etag: "64500917-1328"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyyiL%2B5iXjQjxB4gX9vwu1HKw8j7ycqdDSfdgUCPbZ0aaZoT%2FQS7UJvpnoMwUt0LVY1suZVRxKTKxCctG6CDTiVAKCKycssrUvif9eWEKGgE%2F6Bjy5wLqy%2FwZA1XnVBlnJlwyLIYGf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2f7982b70f8-HEL
expires: Thu, 28 Dec 2023 12:27:40 GMT

GET
H2 200 lazy.png
apkaio.com/images/ 1 KB
1 KB 43ms
43ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/images/lazy.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

5feb590434f658e1a0b750d61921a310a16c82e6fe5677f4927c06256d380563

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:52 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5185
x-powered-by: centminmod
content-length: 1173
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 18 Aug 2018 10:34:00 GMT
server: cloudflare
etag: "5b77f618-495"
x-frame-options: SAMEORIGIN, SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxae5dfUs8pu1kV1Yu1lbO2MaWbNqEgVfNvLciOquAuDaRhgrcTl28LbsTfMgHKD1WMBC%2FvU%2Bv90U7EtsP%2BxnBNw548se6SkeExREbnf0F6kJvXFox5b01fhPJBQEsRsVYHvmX%2BpdP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82d2b2f7b8af70f8-HEL

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 212ms
60ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 08:44:45 GMT

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 440ms
63ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 379451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1120
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt9o1MIUqPH3iJaam4qovJsIZMf9PA6aEeUxiMcx5FtVNQ1zzM82dPlgwfZNyaf4ObEheYemH0ZDxhVgdtaouw7R094tJP66Y67e48DjoTVIuROlaiIeUpaeq%2FdZoba4Dop11TJM4KF1mo6ARfrrjvtF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82d2b2fa19443768-HEL
expires: Sun, 17 Nov 2024 12:43:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 225ms
75ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-219351102-1

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c9ac8cc3c794d3b2472fa55ff9b739a1f05906c277ffc7c939c10121262dce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68898
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 12:43:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 254ms
132ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4416187608269653&plah=apkaio.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4416187608269653

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3a5566face86456050b509469d96d769dd62155f8231924f1291e01fffb270e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138525
x-xss-protection: 0
server: cafe
etag: 14147807942611171355
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:43:53 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 8C05 9 KB
4 KB 195ms
60ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4416187608269653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 17257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 07:56:16 GMT
etag: 111328227650088477
expires: Tue, 12 Dec 2023 07:56:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Z7DCTV0BJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219351102-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bdeec00025ea2b139ed2207bdee5c20e2c08cd6583204563746a993a02650f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91356
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 12:43:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 191ms
60ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219351102-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 11:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3255
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 28 Nov 2023 13:49:38 GMT

GET
H2 200 app.highend.high.end_2.png
apkaio.com/storage/images/app/highend/high/end/ 1 KB
2 KB 176ms
173ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/app/highend/high/end/app.highend.high.end_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

89c893ae0ca160b15ba224d90b4f6ce167c313c0a8f512c85d52a207dc0b5581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: centminmod
content-length: 1419
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Nov 2023 12:40:11 GMT
server: cloudflare
etag: "6565dfab-58b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgJDdhad0QypPXmlzFtctXcgVLrewC0D67TiAa50eQX1fTlVid%2FOi4ODpHwi5FTP1n92WRB1hxnSYm9YoyShZQPqzNzWPe8fj7g4wAg%2BQ%2BFeWnUcthvWE6X6OJGuK1OMM0JDIouOWoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2fa9f0770f8-HEL
expires: Thu, 28 Dec 2023 12:43:53 GMT

GET
H2 200 ae.lml.funworks_2.png
apkaio.com/storage/images/ae/lml/funworks/ 2 KB
2 KB 50ms
48ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/ae/lml/funworks/ae.lml.funworks_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

fe6ba465a5b9158cb73a88e5d8b618785d5e2a2d82aea3beb8f3f1c6f18a8443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 2177
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Nov 2023 00:55:00 GMT
server: cloudflare
etag: "6563e8e4-881"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxCOlM1KZsUp4YR3L7SbFQ%2B%2B2Hj7pcUE1x6UIYFxsgQ3rQPpvqQK30455Ou4KEN7TS5p1rCIjRfBf6xQb3Wk94l24SHzoui%2FoiRYUgHwifdkjF9nwqKOZa7QtKIbJiZVMyQ%2FPsTllw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2fa9f0b70f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 ae.lml.funville_2.png
apkaio.com/storage/images/ae/lml/funville/ 3 KB
3 KB 54ms
52ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/ae/lml/funville/ae.lml.funville_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

5dbfaf4b50fcb8ebeb01bc8ca0999506ae9defaae24bcdd5415178c0eb1c6615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 2631
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Nov 2023 00:43:27 GMT
server: cloudflare
etag: "6563e62f-a47"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shVP%2F2tcL0h%2FLKCNW6%2B0CMNzeyWDwSgeu%2B3DQj8iw%2F7t6g9vwTR05U6oK9FqcKe0DU0i9jtBx0yKVIRivx5L4j2%2BSp5U%2BD1J%2BdI86gi3hzqNHE6cUdVtMcR%2FT3WjKWhBQ0cA0v1RVgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2faaf0d70f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 ae.lml.funcity_2.png
apkaio.com/storage/images/ae/lml/funcity/ 3 KB
3 KB 53ms
51ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/ae/lml/funcity/ae.lml.funcity_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

d2ab86f8e7a02aad7110782eee34603976836101fa91c5c553657a7fa6287b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 2596
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Nov 2023 00:30:47 GMT
server: cloudflare
etag: "6563e337-a24"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmBUj88L5ASLcY9T7xtGXbUff2BZDaND8Dd4iF4BXCsFQaEFs214%2Bsh7mz2SkC5Ki3T3QjbTmJYly9jYztNTXEAZDVBHSbv5%2FNzWGvY7W7zHhv5qaxDtRZFTMYbFDXOs4AYkqwsG0VE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2faaf0f70f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 com.landmarkgroup.mothercarestores_2.png
apkaio.com/storage/images/com/landmarkgroup/mothercarestores/ 646 B
1014 B 45ms
44ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/com/landmarkgroup/mothercarestores/com.landmarkgroup.mothercarestores_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

024e6aca99ec463a7c7582b57eb080489dc48717ca3fbd6c481f17bdfd8b3ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 646
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Nov 2023 00:01:32 GMT
server: cloudflare
etag: "6563dc5c-286"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8MWozafZsUqZiwXjnRSnOZALylaz8jcZK%2FOl07KWwKDHJgMxpaqySfIotAlaCQ75uWeeanisb%2B9xARv5uwMd5qE3jUkcCEEoZsfV1eV2Wc0lqNpYTTTNq4EzH6frTEg1%2BqD1lQzfFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2faaf1070f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 com.mapplico.millenniummobilya_2.png
apkaio.com/storage/images/com/mapplico/millenniummobilya/ 3 KB
4 KB 58ms
57ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/com/mapplico/millenniummobilya/com.mapplico.millenniummobilya_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

4167e90d3f9bf4b7900f41e78e26255acd9e0fdbac103870e892f4c16a996c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 3299
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Nov 2023 17:54:10 GMT
server: cloudflare
etag: "656234c2-ce3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYmNle9x6Vsqt6a%2B7vCglhI2ZL9dZAftOi4Al1Hn3R8mzwSfsRfNPSeeUTK%2B1D8C6A%2Bb%2FdPKs%2BXAyjJG0rlEfU%2FN4YGKTRUbdUHS%2BMZLMQLJOp5mV8aAsHQw7sQtxHCtJe8gdirKDjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2faaf1170f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 www.familycareshops.com_2.png
apkaio.com/storage/images/www/familycareshops/com/ 2 KB
2 KB 54ms
53ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/www/familycareshops/com/www.familycareshops.com_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

3abc8cdea676b19921fcb7d9da5eb4abf40ae85c302f5567bdc550989bdd62e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 1813
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Nov 2023 17:54:08 GMT
server: cloudflare
etag: "656234c0-715"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHvwUkPAH4MlYKu6Svw5re%2FF3E7pNcf69VZMfUfPfF2LsY2AVK1EdkB3LZz43PI6gAiKKCmq9BWUD%2B7bzdPd3u18wl8X48g1ZUuqP%2Fw5n9J%2B3HgkSNnR3enUrGW5e7DybknF5whJOcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2faaf1370f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 com.shopping.myanmar.online.shopping.myanmar.app.myanmarshoppingapp_2.png
apkaio.com/storage/images/com/shopping/myanmar/online/shopping/myanmar/app/myanmarshoppingapp/ 3 KB
4 KB 51ms
50ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/com/shopping/myanmar/online/shopping/myanmar/app/myanmarshoppingapp/com.shopping.myanmar.online.shopping.myanmar.app.myanmarshoppingapp_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

bbfa56e54c4085cbe603f989e054ffea2afe6cd71ff78579350cbe16e6b87353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 3276
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Nov 2023 11:37:36 GMT
server: cloudflare
etag: "6561dc80-ccc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWFYTjT6jlzKgUVouYZldevLytWEF0nAOBa3AlCKY2RlPNlEPHNcmpJzgp7eGpTXOyh36AQ5fh3oSGk67EYDHZUxWQQTRqpZO84BwuEqoXaR%2F9%2B0BLdb5Zr0pWBxKfldWLkeO7MVKks%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2faaf1570f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 com.design2code.taiwan.online.shopping.apps.onlineshoppingtaiwan_2.png
apkaio.com/storage/images/com/design2code/taiwan/online/shopping/apps/onlineshoppingtaiwan/ 3 KB
3 KB 50ms
49ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/com/design2code/taiwan/online/shopping/apps/onlineshoppingtaiwan/com.design2code.taiwan.online.shopping.apps.onlineshoppingtaiwan_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

85f470814bb27b1667398377b6230bcb02190fd5c91994f27ef0e8c061c804a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 3007
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Nov 2023 11:37:22 GMT
server: cloudflare
etag: "6561dc72-bbf"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kc5paKhXNjDb5jRmGzKij9tQKURJXXHBB5so5O2dJeH6o8ZDaI8CxiP3RIHGghR70vau2268AgtcZ8wETu%2FHOHCCYdUe8K3dIeyY%2B1sZdu5qLu8aLxiz8PTJfcztyO3vLivP5LKXKJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2faaf1670f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 loyallyst.polostores_2.png
apkaio.com/storage/images/loyallyst/polostores/ 2 KB
2 KB 55ms
54ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/loyallyst/polostores/loyallyst.polostores_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

b8b4d17a4c98cc68c2726db6505981436dd5b51369c425faf9da7e2f7a193cf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 1760
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Nov 2023 10:39:14 GMT
server: cloudflare
etag: "6561ced2-6e0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptU5J4d2IIdDd4JLN2qn52VOgvWJAOkI3oguNOl68ufCZJR3exTeAELoOOLZpeMq6eX2ofjPc3cyx19Mgi0HnHbX%2BuaRKGmqgO3kcz9zMBuQOxKQruvMhQgq2XMLp3ca%2FigSafV8gyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2faaf1970f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 com.formax.nonstop_id_2.png
apkaio.com/storage/images/com/formax/nonstop_id/ 3 KB
3 KB 91ms
90ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/com/formax/nonstop_id/com.formax.nonstop_id_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

3bac01643aae421f048dc667f14c02b2cfd535b4772b07a5ab941335cc089b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 2753
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Nov 2023 08:27:36 GMT
server: cloudflare
etag: "6561aff8-ac1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30QTzNoE6gJC4%2Btu7ngR46pqKYJNQY2pX3sdiDL6seC108rnWvSS5FuCcW0LSnsqf2H15fdgJQdzOq18J1fAhTkPfCAL%2BiS1e0TFn8Xg0HIxrJL4TphLnXUyKCEUG0Vtix%2BjHVPivrs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2facfaa70f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

GET
H2 200 com.cartizz.decijaobucatop_2.png
apkaio.com/storage/images/com/cartizz/decijaobucatop/ 2 KB
2 KB 90ms
89ms Image
image/png 2606:4700:20::681a:33d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apkaio.com/storage/images/com/cartizz/decijaobucatop/com.cartizz.decijaobucatop_2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:33d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

b29004597303e141c1851ec390866c330b0a8de858472d13bb4d7770ebf3d84c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/app/com.einnovation.temu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 972
x-powered-by: centminmod
content-length: 1992
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Nov 2023 07:05:01 GMT
server: cloudflare
etag: "65619c9d-7c8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0zJrIheR%2FFXOH1SVgliow2IkCgfKs9%2Bisa99ZIlQUilejwL7jMvuz1N3OHgaaOdjlvv7nWJLWt9Kr2jR%2FdvuNJEAvCYg%2FEgEXQp2viv%2BLrrWY2LXyvKDRoHXwhajZMGjmCQBEiESjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82d2b2facfaf70f8-HEL
expires: Thu, 28 Dec 2023 12:27:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 98ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2Z7DCTV0BJ&gtm=45je3b81v9101623522&_p=1701175433354&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=850511072.1701175434&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&ngs=1&_s=1&sid=1701175433&sct=1&seg=0&dl=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&dt=Temu%3A%20Shop%20Like%20a%20Billionaire%201.65.0%20APKs%20Download%20-%20com.einnovation.temu&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1182
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Z7DCTV0BJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apkaio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 67ms
67ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2013553847&t=pageview&_s=1&dl=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ul=en-us&de=UTF-8&dt=Temu%3A%20Shop%20Like%20a%20Billionaire%201.65.0%20APKs%20Download%20-%20com.einnovation.temu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1260308292&gjid=469344082&cid=850511072.1701175434&tid=UA-219351102-1&_gid=361460031.1701175434&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=392963658

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://apkaio.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apkaio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1EBF 241 KB
71 KB 586ms
586ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&adk=1812271804&adf=3025194257&lmt=1701175433&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433281&bpp=2&bdt=400&idt=403&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=482684741681&frm=20&pv=2&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=417

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4416187608269653&plah=apkaio.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45077a62256e8bed67dbae7d5ee5f66eb91686f6b593c32e1201dcbea27de303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 72202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:54 GMT
expires: Tue, 28 Nov 2023 12:43:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47E5 128 KB
42 KB 751ms
750ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdfa5fd9b5f6417a2f5a463c4916f10ae044087d132b9ae8a0ca3ecadbdcf7cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43119
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:54 GMT
expires: Tue, 28 Nov 2023 12:43:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D41E 103 KB
44 KB 684ms
684ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1478383417&adk=3721280051&adf=3528253133&pi=t.ma~as.1478383417&w=392&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=392x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433284&bpp=1&bdt=403&idt=423&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C792x280&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=425

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bbb16671d748ef16f17771bae8d07d5a7a5ac7dd4bbfe36864084fd58ad0fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44369
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:54 GMT
expires: Tue, 28 Nov 2023 12:43:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D41E 42 B
63 B 94ms
93ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhqAHMwxOmsgWB6gJYGRkjM9Slmf2JmwEdGzlHRub2lgLQyhnA0Jtz4XY8PApzM6dZxcBsvGcGl6iwi-1wckEFX6pgtMt72NtNjeOp-MPKIq9SbDY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1478383417&adk=3721280051&adf=3528253133&pi=t.ma~as.1478383417&w=392&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=392x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433284&bpp=1&bdt=403&idt=423&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C792x280&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=425

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 149ms
149ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7b50d217b497a32fee082b3d7c373785fc6448243a284cd0de09f6d3fd9039d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55796
x-xss-protection: 0
server: cafe
etag: 15495333939315159992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:43:54 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3D21 624 B
246 B 101ms
101ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGK2dtP8BMAE&v=APEucNVOSbVQLBYHgai0o8jdbjurVfAj1eHttWTF-T4X4dgduz_fgcnOYbbG1qYOZgCA7cDCtUSa9uhwM4ySyAfje_5g-JoNhb3QC78XSEgeYdh-snylBre1ORHaxxlf7McBOPHGwGEk17wvXMVAoCqjFrhbaPYU_MoNIDbV4hdctpccSWBwbEk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1478383417&adk=3721280051&adf=3528253133&pi=t.ma~as.1478383417&w=392&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=392x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433284&bpp=1&bdt=403&idt=423&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C792x280&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=425
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:54 GMT
expires: Tue, 28 Nov 2023 12:43:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D30 716 B
382 B 421ms
420ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=100&adk=2852494490&adf=1110404614&pi=t.aa~a.3183177541~rp.3&w=392&fwrn=4&fwrnh=100&lmt=1701175434&rafmt=1&to=qs&pwprc=4756028185&format=392x100&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175434436&bpp=1&bdt=1555&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C792x280%2C392x280&nras=2&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a3335cafde47235e30efe9e84b9a36243981e5b0574a6834dc26880085ddde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:54 GMT
expires: Tue, 28 Nov 2023 12:43:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BE4 716 B
381 B 282ms
281ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=50&adk=3375355607&adf=1110404614&pi=t.aa~a.2147701234~rp.4&w=392&fwrn=4&fwrnh=100&lmt=1701175434&rafmt=1&to=qs&pwprc=4756028185&format=392x50&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175434436&bpp=1&bdt=1555&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C792x280%2C392x280%2C392x100&nras=3&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1004&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60ad16bb8450582ed38381f257f8378d8c252e6c4df6285064d5f6c109f2e5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:54 GMT
expires: Tue, 28 Nov 2023 12:43:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D41E 111 KB
39 KB 189ms
60ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 07:40:28 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame D41E 7 KB
3 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 07:40:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame D41E 23 KB
9 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 07:40:28 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D41E 41 KB
14 KB 211ms
82ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D41E 3 KB
1 KB 208ms
79ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D41E 20 KB
9 KB 191ms
62ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D41E 202 KB
64 KB 314ms
185ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:43:54 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 47E5 9 KB
4 KB 190ms
61ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 14:04:29 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 47E5 11 KB
5 KB 192ms
63ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 00:13:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 47E5 14 KB
2 KB 198ms
69ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 12:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:15:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 12:43:54 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 47E5 2 KB
875 B 103ms
102ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:09:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 47E5 23 KB
9 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:09:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 47E5 3 KB
1 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 47E5 20 KB
8 KB 178ms
70ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47E5 202 KB
64 KB 183ms
75ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:43:54 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 47E5 37 KB
15 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3D21
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBTVPvYNXW8qBd9rgWVV8g8&google_cver=1

43 B
769 B

82ms
81ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBTVPvYNXW8qBd9rgWVV8g8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGK2dtP8BMAE&v=APEucNVOSbVQLBYHgai0o8jdbjurVfAj1eHttWTF-T4X4dgduz_fgcnOYbbG1qYOZgCA7cDCtUSa9uhwM4ySyAfje_5g-JoNhb3QC78XSEgeYdh-snylBre1ORHaxxlf7McBOPHGwGEk17wvXMVAoCqjFrhbaPYU_MoNIDbV4hdctpccSWBwbEk
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JTPmqZMUrKOv1L5mQnLlqiNsjpsowMCiN22rFGTPwMiThNK7YWtyR14QsyJmiThr0OlYshbyI%2BGsi0xt%2F5KCoMH9oB%2Fj9oDH9T%2BJpDI50fkzGFNMPiqtjCa3pmlTd5tDRDSA%2FH1N8igsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2b30329620a3b-ARN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBTVPvYNXW8qBd9rgWVV8g8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3D21
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXgisfKiQvt0R747hLRlAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1

43 B
727 B

81ms
81ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGK2dtP8BMAE&v=APEucNVOSbVQLBYHgai0o8jdbjurVfAj1eHttWTF-T4X4dgduz_fgcnOYbbG1qYOZgCA7cDCtUSa9uhwM4ySyAfje_5g-JoNhb3QC78XSEgeYdh-snylBre1ORHaxxlf7McBOPHGwGEk17wvXMVAoCqjFrhbaPYU_MoNIDbV4hdctpccSWBwbEk
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LiyP3Ks6t0Q9HCXlVcIMw9FWtVyiTKzCtqr75V750VKcsirBlevAngqz3XrxGPCnD1z2eMvRDKmz2ujI965XParce9wzMkwwa4giwEmstwwJFjgIL1kJjAbJVAgn%2Bsp6xDC1r80afaZwg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2b303ea510a3b-ARN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3D21
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELQ7CytHCS5s3Wmbvjd0a9c&google_cver=1

43 B
839 B

110ms
110ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELQ7CytHCS5s3Wmbvjd0a9c&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGK2dtP8BMAE&v=APEucNVOSbVQLBYHgai0o8jdbjurVfAj1eHttWTF-T4X4dgduz_fgcnOYbbG1qYOZgCA7cDCtUSa9uhwM4ySyAfje_5g-JoNhb3QC78XSEgeYdh-snylBre1ORHaxxlf7McBOPHGwGEk17wvXMVAoCqjFrhbaPYU_MoNIDbV4hdctpccSWBwbEk

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
an-x-request-uuid: 6e41c8e5-9a1b-4d28-afc9-a4c82d08227c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELQ7CytHCS5s3Wmbvjd0a9c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3D21
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMzUzMDk0NzcyNjM2NTY4NQ%3D%3D

170 B
243 B

70ms
70ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMzUzMDk0NzcyNjM2NTY4NQ%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
an-x-request-uuid: 1b034142-b19a-4328-92d7-b746bb79e7b1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMzUzMDk0NzcyNjM2NTY4NQ%3D%3D
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 9194 9 KB
4 KB 61ms
60ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 64848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 18:43:06 GMT
etag: 111328227650088477
expires: Mon, 11 Dec 2023 18:43:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame A9D4 9 KB
4 KB 60ms
60ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 64848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 18:43:06 GMT
etag: 111328227650088477
expires: Mon, 11 Dec 2023 18:43:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 9194 4 KB
744 B 68ms
68ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 12:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:23:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 12:43:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 67C9 23 KB
9 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:09:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 67C9 8 KB
823 B 70ms
68ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 12:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:14:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 12:43:54 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 67C9 15 KB
3 KB 363ms
229ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 08:27:12 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 67C9 376 KB
131 KB 194ms
60ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 11:54:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 67C9 20 KB
8 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 9194 15 KB
7 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 07:40:29 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 9194 21 KB
9 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:09:15 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4F13 624 B
242 B 101ms
101ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGJK9sv8BMAE&v=APEucNX-VYZcLQ3A0Vc_YpASUHoMnZFjeh2_gnKdahrpviZHwwWzJMZZpXbbIa6jv00dsWpCYr1bYDscHK7-AR5KXY0Cvmpc76L5Mhhc8B4lfMezkF1RnBPYbrviOGgSLIFn9UyTgPScxHi7TY5U9iXqvcZPI2n1veh4usQal_FNJ2gVyLJOx60

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A9D4 111 KB
39 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 07:40:28 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame A9D4 7 KB
3 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 07:40:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame A9D4 23 KB
9 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 07:40:28 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A9D4 41 KB
14 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A9D4 3 KB
1 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A9D4 20 KB
8 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9D4 42 B
63 B 94ms
94ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bcm1fJfeTAg8TN3BmAzJm4DHMVddxKjVY6Fpf6LnYeDlOiJ9nPf1axg6p0Gqyk2Ce9IPpU1csojwblIlBs7i8YHCs9-5Q3iFxJqYLAQCb4AmDmWkQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9D4 202 KB
64 KB 157ms
157ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:43:54 GMT

GET
DATA 200
OK truncated
/ Frame D41E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f78d54d32613b62edfe1137adb05245679a6114834bb678601e5eb41e959b52

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7C2 143 B
166 B 61ms
60ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 2372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 47E5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f09fa897f6e84e5fbd6529296e087e2ae8f07ba5badd7ca6c30d40ac14b4aa58

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3F30 38 KB
13 KB 70ms
70ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 246343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1082146099593702948/ Frame 2F67 87 KB
21 KB 188ms
64ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1082146099593702948/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1f6a49aaccba2aae83e711e57956d2d77dca7e87fcb66605971c331e0b52f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 318307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20982
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 20:18:47 GMT
expires: Sat, 23 Nov 2024 20:18:47 GMT
last-modified: Fri, 24 Nov 2023 11:52:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D41E 0
0 240ms
103ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsspV4t5FoX-WaiII5GgrxfOVh8lKFjpfIlEFEuwgobET_agAfvpufXfZ5dPeAmGJJwdrJ0JDperfqZ3P3sSKP_5CbHsnjzY_LkGiX7nm8CaQBZJgn5WJdkE6_Xs79hN5jPVKySwOn7XNmN9f3IGzr6uEFrGTv_qd_FWOMu1yHIimMuwXQv_mo61J-fWQP1PKz1_5VQy9vWv0FaRai1YnwOqpPXWWVoqyo8aZzgVE3PpmI-jfOhp49waoNe9oXlPHr4eFeEb9uK8bZ1DzGtq0iKqnX-YUOcFZe7Ti8fQzXVgUUdQFRxudtjJneksPhk_DGcdoP9tlBeW5-15ChITVDQliOHjIy5nJ2mlS6m6aqhH1z_SMun2wc4Tn7SkeFyj87OgQOmnGvyT4DDIlGgxR0m20eKbQA3y13aoO0OZXUpZDVpAkqpYO5n8Y9xGDOnQv4v_bD_PGdT-1YytrU_jWkFe-uddVrMmWAJFxsqfya6Dpa5Y3AnPzOgWQ3jAeS42q-ERJeDaNkogau_DewNhUroRQR93omhFXS8pRDz-0rbSFQG4vCGW_xY3UUePvxh3HFyuD-bSoetcCAGY4y7jIfoFze_7NC1W16b_aH5BgZKj6ys273Xfp4GBCnCgOkxtXqKFxCFR1-uQ4UDNFu_JjgIvAEtv3T9f4BWqkDCk7FclJId9VdSP5dCZ8iyYip3kTuBrjn1u31VeOBVdvO9IQKyyw5T4BawdOKK_kyfwcxj4KR_chLWymkGinBmmXRENCEn08gFENN8EaDk9CXNyxa1pN95tf9B2BkMtJcvEf1U4xbFd23UnGLEtkNP1-iRB1c4t8FGaIte9fDZDp8WpFXznudcKYKFGmGxq6iqOT059xBlbp7ksbbTcC5HVLTfJ5V7nqDjUNShK4WwmGNMZtMZ7FVmPkzqm4A1jgqNpCimMqbVLHUYfujTZ2cVss_Kjj_kO-yZV4cAgbFOvQYs086qd0XQKyPXmCBdeHWyYPii8r3An6Vy_zOh2EYHx4e3sBJLaaUT1X5LEwM7n47rDDzgHBrjQLgpuJTOcIvFQU8lmgNXFaFretsd5CLHmMUnvZy_Gzia-9QHG1DTnDvrf5xlR-r4IXvZlHaNgKFOQ34kry6eTlxJFVukNu4WxQxBXJ1e4EJKAZNzDZaMtmBmSlCnvdKgzqozybTxFPr5HSZt7-vshgI_WFrj4h5eNE7KyB5ojuEuWk6NmCtFrqtA0lZ41awcqP796_txjnYjs1nrN5uzbtJMCK5puOLr-IHZOBohEnLI6AWGpUXFD&sai=AMfl-YSjemYV5AZGN5tiFUZbc6eB8qiZb6UvHFOwr0j6n9za1oln8gFHJxyR9UvWxwnWbc_dLD6CvMdO9xDgp8LYYXb6KDSr_8UDCxqS5RVpL41dEtqJfsXTak6Bxyp1IryqDKfNfzgIQA4Ry-SYP8IE0Y5CDcLo3aNVzMfDvBhzfsw2NUuUwrWO2SVLHRSeML6ylU3sFXihQ6P7ZgbQ6IOx65DNJod9krs3-toXF7kG_m1zdtHQ-9Te2IHX4jBdqCcjxJtU0j56jY78qSiu7SNeHqiUjZJiepThj3TzC0kFVnszp3E4nb2v2NGtoXHaL9aQfdQXP0qHWpTZIByrVbiiWHutkbwFGyj8C3X0YZVUCI6lKotrRaH540BzeGzE6eAGLc7wbjX7sZaiAiy9LEzI0kCJ3X-16OpR3EsZUHpPtGY0BfWdo4OcBqP5dBDshv2WA8Dq1d38YiN9wdcijY_2ZbMMlMa28Zeas55UaOgkagqelugG_nJ1II_AbOA3ZMCI6duMvxo&sig=Cg0ArKJSzFnLJx9S9-4jEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYW1wYW5pYWxnLnJv&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=276&cbvp=1&cstd=275&cisv=r20231109.27667&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 12:43:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D7C2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
70ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:54 GMT
expires: Tue, 28 Nov 2023 12:43:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4F13
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1

43 B
735 B

75ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGJK9sv8BMAE&v=APEucNX-VYZcLQ3A0Vc_YpASUHoMnZFjeh2_gnKdahrpviZHwwWzJMZZpXbbIa6jv00dsWpCYr1bYDscHK7-AR5KXY0Cvmpc76L5Mhhc8B4lfMezkF1RnBPYbrviOGgSLIFn9UyTgPScxHi7TY5U9iXqvcZPI2n1veh4usQal_FNJ2gVyLJOx60
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plOfhfqWjo%2FXRxoj3M%2BYrZMP9F3nN7N1PRvPa3%2FyKOuG%2FkXiGqbqGCAGgVrhls255vgewdVz1uz%2BDTuLFAc2DrStPN54n6KVOdnqryxQ9j5jxKO2pYsNuUZIl2dxlt7YyrpI1Zrr1rDhog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2b303ea540a3b-ARN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4F13
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXgisfKiQvt0R747hLRlAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1

43 B
728 B

93ms
93ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGJK9sv8BMAE&v=APEucNX-VYZcLQ3A0Vc_YpASUHoMnZFjeh2_gnKdahrpviZHwwWzJMZZpXbbIa6jv00dsWpCYr1bYDscHK7-AR5KXY0Cvmpc76L5Mhhc8B4lfMezkF1RnBPYbrviOGgSLIFn9UyTgPScxHi7TY5U9iXqvcZPI2n1veh4usQal_FNJ2gVyLJOx60
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dOMmUveFKK2liboXmGlh3OF%2F24aTh3wdxjCnAJcNmRuJlu91L9kK5UxphRoTdHFMxz7ssqGFWP8INpurWipauu0JgECv4VhRPcwIzVtx4Mm1tfYlaCQpG9GBNpZ4XJIKDUpmpkMsuJIsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2b3045ae40a3b-ARN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBIbGP33VFbvnK5m_NdmQwA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4F13
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEHEnXqaJvB0grFHFOLK-7M&google_cver=1

43 B
842 B

64ms
64ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEHEnXqaJvB0grFHFOLK-7M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKL6K4CEM63_70CGJK9sv8BMAE&v=APEucNX-VYZcLQ3A0Vc_YpASUHoMnZFjeh2_gnKdahrpviZHwwWzJMZZpXbbIa6jv00dsWpCYr1bYDscHK7-AR5KXY0Cvmpc76L5Mhhc8B4lfMezkF1RnBPYbrviOGgSLIFn9UyTgPScxHi7TY5U9iXqvcZPI2n1veh4usQal_FNJ2gVyLJOx60

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
an-x-request-uuid: 60984cd9-46ac-4d84-9c9d-3d104c68760d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEHEnXqaJvB0grFHFOLK-7M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4F13
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMzUzMDk0NzcyNjM2NTY4NQ%3D%3D

170 B
232 B

74ms
74ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMzUzMDk0NzcyNjM2NTY4NQ%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:54 GMT
an-x-request-uuid: cdd391af-b41d-4037-a1cd-2a34ea4c30f3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkwMzUzMDk0NzcyNjM2NTY4NQ%3D%3D
x-proxy-origin: 185.204.1.184; 185.204.1.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17126041573053037717/ Frame AFB2 98 KB
21 KB 137ms
61ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbeda291ee7e1be3e19180c35c05530fe17d4bc7a31d21a8ac2584b471453e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 318319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21333
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 20:18:35 GMT
expires: Sat, 23 Nov 2024 20:18:35 GMT
last-modified: Fri, 24 Nov 2023 11:52:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame A9D4 0
0 194ms
104ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvkJroMrhGKr2hi5dx-TUCgt9DqZ6bmQyOMmYrK7g7Iptx2r7BAuNj9dhs6PP596vKnXajPkeNQqJPMapswDUKJLJK_rP6XjAzqMMuSxp-VrwHZ6ddpK-8jLk4nMuzBSK__pn3psQBfSi5q7sdQJ00__-Xt2FvkHiNi-pjKZoZUQNiVNsqXx7-Rp5b4HnLJiQRkrwX_ra3vfEGHSaz0lXdBei9n-J1cSYkUDNlMBPoi839hfAPJIeFF9H6c-1L2jDJXE-vqOKpuAYSwkvrsFfn2690VX-NY1Ae-j9Ax_ajSQHimNNPpAUq4vjDy9Dku2FS9zSdYcdBBL_TmDfswCXjR9ESqnn0EziDxOURDQW3iPKQmYcY6v06dFD-Ru9WvTyk-Ta4or0Hg4NuNtLIeegTxkgDr3W55yAkbvVlChpGgjY-OQABOJ1Uw8O9G9kLaKa90Kw3t8OKWIb-_fRzDezkGB_ml9TamxS9Q7yzsBrepT10XEfl8MN1mxTHCxLtZVeurljq0Na20Vtt-0D5NeH9OyvlPAT2gjE8Y9Y-94OCWpT4Vd-8Wi-clm0s1kTiQ5z1UYfRVjFxDgeEv9Q-u3uB5KnjQk0Y7N_IeetHBFKdGb6u9NYSOlc5fEXTKE9cly196ml40jXtcHNQoSLGiF8Zaaw4g0kIHbiP63QPfv2hBuZDfJuloYXKTwvpLhfZMcmThtD0Tw36nXZqMhnEmseS9diP3aGd3fTe06BNN_dJiL6BFCpWdIvOkcWOXrNlkwbrmIPsVSeL3Gks3lpbj32JnX5Mw8f9yhZXKewa4PosFVzXvppXerJXHCuCpPUJ6CDxN65Opb--9l0Tg4qu4ZjUBgfeyvjs_Tsdd-ttkbKnOIw7sXc94DsGqf10AKqXapxHSyq6By7Pr1Z9cu17QbtNQ714Gr6r1GKdpmBerbeqnEFvmZbmRvYsorrDrRz3LtwKTTfcU6gMoK6HJQddnaW2tE0EW_t3Sv7LhGrOM9G888-w0DOv9k40XP0wudm7WodpIUIslXpoky8fc0uOW-WJi_4GFmVfvUhJ8T3S_Vghy9NRbZky2_p0UEXu3HyuDSsBeEIRx9l5u6patDhckXgFDOwS1wnaLpmbuAK7noiU7fSEq0Mg9U0EQkWisr6iMQJexqyDZQH9lYWIAFlrrtQsVxIWcysx9nUTF6-0LxYOHq1Cv6bE_YThKn8zkKbGjWJ4IQ_NiRO6esLDS7XuYGb-Bv0YDmNWjR2uLDaougUDbEzQk0WzLSzS-fSA-ckm3fbLH&sai=AMfl-YSIFkl4fmwA9Z_3Gv-aSDShF4AwnKVBoCOXlyGS8JN1-BT1BrYyrvCM5W26wyuiJSmGUdKFcPlDelyg-KG8Ibf3lppqUdiaBPprbHrHnUJmhJL0-YFn7Vr-C-D1IiFrReP3RZxejIi0asc8xB3fa-kFtG9w4n62qBIc8p4726arJCiZuJDyjyTPWXZXUvO72z4hqYoWXV1mrlM-WvrZfARJ4SRLhs1aMwj-01GhZX9KJQyetV1PpNJY58i5lqqDmmvMl08HFetzmM4Zo4Ri9Kv1Vy8X_n8POH6VJ1pvPV1SsitXAWHHXoMdd56DKYeAvx750HHAAiHYmnbg7D86yeOx7YbD0iqEWEmpwkd2Oc9_ks6T9OzXAB6vyEMeu1GzL1M9e48IaoU8NQZuSkWJ8jDc8RoV7tY3dSqysuLvuhxCyipOmfcfEoESBDzBdyQLnlxLbi7ARcEeHSjWiTFWs2lOR8b0I8__jSsPBxVp-FzFVnrBnzDiBkAzmDdJz3LZsv3Avw1g8Wh32w&sig=Cg0ArKJSzN5uv9ATutyHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYW1wYW5pYWxnLnJv&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=107&cbvp=1&cstd=106&cisv=r20231109.96441&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 12:43:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A9D4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80eafa443ebe8e938b6e82c2f07796e6781fcf35b617f8c690d8b88a91559d8b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B337 38 KB
13 KB 60ms
60ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 246343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F30 39 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 12:29:43 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 47E5 33 KB
34 KB 189ms
61ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 12876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 09:09:18 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 47E5 19 KB
19 KB 258ms
130ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:50:38 GMT
x-content-type-options: nosniff
age: 327196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19700
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 17:50:38 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 2F67 32 KB
11 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1082146099593702948/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1082146099593702948/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 17:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Nov 2023 17:05:58 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B337 39 KB
15 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 12:29:43 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame AFB2 32 KB
11 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 17:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Nov 2023 17:05:58 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D41E 0
0 99ms
99ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsspV4t5FoX-WaiII5GgrxfOVh8lKFjpfIlEFEuwgobET_agAfvpufXfZ5dPeAmGJJwdrJ0JDperfqZ3P3sSKP_5CbHsnjzY_LkGiX7nm8CaQBZJgn5WJdkE6_Xs79hN5jPVKySwOn7XNmN9f3IGzr6uEFrGTv_qd_FWOMu1yHIimMuwXQv_mo61J-fWQP1PKz1_5VQy9vWv0FaRai1YnwOqpPXWWVoqyo8aZzgVE3PpmI-jfOhp49waoNe9oXlPHr4eFeEb9uK8bZ1DzGtq0iKqnX-YUOcFZe7Ti8fQzXVgUUdQFRxudtjJneksPhk_DGcdoP9tlBeW5-15ChITVDQliOHjIy5nJ2mlS6m6aqhH1z_SMun2wc4Tn7SkeFyj87OgQOmnGvyT4DDIlGgxR0m20eKbQA3y13aoO0OZXUpZDVpAkqpYO5n8Y9xGDOnQv4v_bD_PGdT-1YytrU_jWkFe-uddVrMmWAJFxsqfya6Dpa5Y3AnPzOgWQ3jAeS42q-ERJeDaNkogau_DewNhUroRQR93omhFXS8pRDz-0rbSFQG4vCGW_xY3UUePvxh3HFyuD-bSoetcCAGY4y7jIfoFze_7NC1W16b_aH5BgZKj6ys273Xfp4GBCnCgOkxtXqKFxCFR1-uQ4UDNFu_JjgIvAEtv3T9f4BWqkDCk7FclJId9VdSP5dCZ8iyYip3kTuBrjn1u31VeOBVdvO9IQKyyw5T4BawdOKK_kyfwcxj4KR_chLWymkGinBmmXRENCEn08gFENN8EaDk9CXNyxa1pN95tf9B2BkMtJcvEf1U4xbFd23UnGLEtkNP1-iRB1c4t8FGaIte9fDZDp8WpFXznudcKYKFGmGxq6iqOT059xBlbp7ksbbTcC5HVLTfJ5V7nqDjUNShK4WwmGNMZtMZ7FVmPkzqm4A1jgqNpCimMqbVLHUYfujTZ2cVss_Kjj_kO-yZV4cAgbFOvQYs086qd0XQKyPXmCBdeHWyYPii8r3An6Vy_zOh2EYHx4e3sBJLaaUT1X5LEwM7n47rDDzgHBrjQLgpuJTOcIvFQU8lmgNXFaFretsd5CLHmMUnvZy_Gzia-9QHG1DTnDvrf5xlR-r4IXvZlHaNgKFOQ34kry6eTlxJFVukNu4WxQxBXJ1e4EJKAZNzDZaMtmBmSlCnvdKgzqozybTxFPr5HSZt7-vshgI_WFrj4h5eNE7KyB5ojuEuWk6NmCtFrqtA0lZ41awcqP796_txjnYjs1nrN5uzbtJMCK5puOLr-IHZOBohEnLI6AWGpUXFD&sai=AMfl-YSjemYV5AZGN5tiFUZbc6eB8qiZb6UvHFOwr0j6n9za1oln8gFHJxyR9UvWxwnWbc_dLD6CvMdO9xDgp8LYYXb6KDSr_8UDCxqS5RVpL41dEtqJfsXTak6Bxyp1IryqDKfNfzgIQA4Ry-SYP8IE0Y5CDcLo3aNVzMfDvBhzfsw2NUuUwrWO2SVLHRSeML6ylU3sFXihQ6P7ZgbQ6IOx65DNJod9krs3-toXF7kG_m1zdtHQ-9Te2IHX4jBdqCcjxJtU0j56jY78qSiu7SNeHqiUjZJiepThj3TzC0kFVnszp3E4nb2v2NGtoXHaL9aQfdQXP0qHWpTZIByrVbiiWHutkbwFGyj8C3X0YZVUCI6lKotrRaH540BzeGzE6eAGLc7wbjX7sZaiAiy9LEzI0kCJ3X-16OpR3EsZUHpPtGY0BfWdo4OcBqP5dBDshv2WA8Dq1d38YiN9wdcijY_2ZbMMlMa28Zeas55UaOgkagqelugG_nJ1II_AbOA3ZMCI6duMvxo&sig=Cg0ArKJSzFnLJx9S9-4jEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYW1wYW5pYWxnLnJv&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=563&vt=11&dtpt=287&dett=3&cstd=275&cisv=r20231109.27667&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 67C9 0
225 B 429ms
143ms Ping
image/gif 2607:f8b0:400c:c18::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpibxija&c=7766358398983&slotId=3883179199491.5&qqid=CJetu6vc5oIDFQPVZAodLK0C5g&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c18::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 67C9 0
20 B 95ms
94ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Chm_HieBlZdfEMYOqkwOs2oqwDpn8zqxzo42PrOQRxuK2ta0wEAEg1afokQFggwXIAQWpAjES_r_Ojo0-qAMByAObBKoE5gFP0FEE99og-aKqI7TY3XBu1L7-L1wl4p3xImQflANdUBMMYFsU9-Towsp0TkhOWzGk4M1R0GfM9qLh-Ay-lsKrj4e_a-gGDXMRTgBXXULHaVw89nmIz83R_JrJn4bmLjgrif6mU8mmowjpC_8ppNFkUaB_Y0aQli4zqBDMoKSEJ5fPI1LRh2cTKXdyaHmsjI9ACI5G9-rmS25gBu8tks1x-tnzf76EtRroPX1Ar2GgwgFm5SiYHygsXBvyERWGw8oXV7Kjv5YKTssMqZ2sFN-aE1QDHTjXP9UsnPparGtswLIYWmyYt8AEk86W-sYE4AQDiAXo58_GTJAGAaAGdoAH--2buQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJST7ATsb_fFMgTm_7H4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1701175435035&ai=Chm_HieBlZdfEMYOqkwOs2oqwDpn8zqxzo42PrOQRxuK2ta0wEAEg1afokQFggwXIAQWpAjES_r_Ojo0-qAMByAObBKoE5gFP0FEE99og-aKqI7TY3XBu1L7-L1wl4p3xImQflANdUBMMYFsU9-Towsp0TkhOWzGk4M1R0GfM9qLh-Ay-lsKrj4e_a-gGDXMRTgBXXULHaVw89nmIz83R_JrJn4bmLjgrif6mU8mmowjpC_8ppNFkUaB_Y0aQli4zqBDMoKSEJ5fPI1LRh2cTKXdyaHmsjI9ACI5G9-rmS25gBu8tks1x-tnzf76EtRroPX1Ar2GgwgFm5SiYHygsXBvyERWGw8oXV7Kjv5YKTssMqZ2sFN-aE1QDHTjXP9UsnPparGtswLIYWmyYt8AEk86W-sYE4AQDiAXo58_GTJAGAaAGdoAH--2buQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJST7ATsb_fFMgTm_7H4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 67C9 0
45 B 423ms
143ms Ping
image/gif 2607:f8b0:400c:c18::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpibxijf&c=7766358398983&slotId=3883179199491.5&qqid=CJetu6vc5oIDFQPVZAodLK0C5g&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.119&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c18::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 67C9 31 KB
18 KB 380ms
235ms XHR
text/xml 142.250.110.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Ct88kTL6MerB-ZGFXhyvKAa2q6hVYvRvHetr7ZinLQX7D_1Rra-eLo2qEBP5Wcl4P9hCiHOmLJSLNxTbk36qkEdA1Rsg&cry=1&dbm_d=AKAmf-ABYq3nQT7c5P2GJzvHuoRbf8NbZbMHFOjOMEpFIgktezjkij01HIOD18yeThYnJCvsJqIsR5pEitd6omYh9mSOk1tQlmRAxbofCuNZCMtqAgo7Az0IEEflwd2Oudmx6uwlgVO9VcCKDm4xPjA7QLFg_8qc2ekDRPV43j4aL6aO45Q88ZrR0eys6cFvQC3K3kGOmLvQRrV5ISJGpN4TtjAVVVqSocF6r3GAB3sfaj1YgLX1mMd8NAp8AqK2MZ9CpPvsoIoTyX4mVjE_m-9zHcXXElc_MMBy_xV-hl12ZsLlyUnnUEIY4cByiCT-cb00Ek5e9g9CwInMpnR20Tnklv_mT_H2mQPm5rQD2rWAJX2o3emShL9b-rK8RMeABUHE4I9pQn5v8217PImxjg7b12Zk8y0T9LeZA4Rh8IOHauwhA4Pb9F1ILw2hDPk2REu4L1wErL4czJnnK_50l24enwxT5-rBYnAmyZkAqQNqmrsbpQCkOlIzMHe2k0QqDUxv1tJ1oumYjBNslSfyIzVtrq6U7bNjNayIUmkIrWqI7qpzd0s7fPItxp2bre36ko6ynNTLs3NuXElMGGUZsGhgMp78qJHAwJbDn7Vv2BfX_xbUBqsLVCe6sXvQuaYNoWhXlv0pOUCqKAm0wxH04zMQ4L88OtMfaHcDkwoRcM7-NLKvTMAHCxq1-lb_lDRPj0dxqBFECFQP5aPlUBloe5pYz_mTNSYGxNVw0Z32p9fBQIQTG_45JhDv3uHnk1QNbHmXPZd5ZUOl2ViKG6PLGgSIdtgcQ2yrvex5cdXxdqSa5bCt8xHwy88TueS6sdrUWf80Zre3jUQPHDYwffVXpCSeQmGBC_7D6LH9rngWeiDRLAtvSQfW_LcDyDf3gspTdqvkt5ppcxDMQ6ctNVCTyOEw1sQphUzxsRrw-gsqh2_pPU26aR9k0ce2fjSTwHnf9AP9X-TnJ4gASJGfIi45n6dn6XEZspj7Fowf9327o8jhhWOVpsQiRMr2X7zAYPvSJlW_jNp7CBGaBsHUgd-2sljm1W0Ghv8S-oy3a3dy2uXBsnNpj_xVo7_aAXKiMVk95hCn3ZrqdHE_p3giwgVBnh9nJJLJpdzyJNHZt5TcmfpsEMimYgVMgsmqHUAM4UTDJ9k2SCB9ro_srEa9g2z2yEL8m3_OAWHvK4-wo0FkAZ-TajwVIWMYpEzMHdkS_vS6ll5L16nun_txo56kB-7TqKLbfIOBg1e2M9umwzkOPam6pnHIZwjPIOi8k31Z1qMfViWm-3KFgaliF_735X6Ggs8jCJzX40OHM_Z34rGt-TxSMG5QbxvAOQKB_GwqqkHpfcNI5MZa7eASYvSs6kwE5GPirT7g07hYEpi3fhy0P5DZdZxJz4YLhVmi3QxVIxRH8j69T00Pl29q_F_dLhL7mdt96VIuOxcReWbD-cId0ygeYmuAzHT4ZYNdRNuauEWYgmQaJcWf5UEAXPpaS2rD4cMMmOT__5IahWZ9quX_CC_zxQ4qVzbcoUDdWAu70HFM9iF7k94TFeSqc5EPG5Qfo89-EpJBAtFjaNqRW2Kfbw7WusIWU9yxWLvp5H3GL3cHyPIfrpYfZqgYzUoPlA6a4INVZXUHVwoQ1Is6e56EL0CzvMCP5OdKonDVEKtWLuJFPQ_aTGMqaDSydoGimZ0nmSXc0-05kq7giPZ81PExCoUjyL_xAr-Fw-uTlDmnCLV7oFDRhkKK5Cdv9t6oPMaocNhvCO3HDj05SaSc5jVAiWhNC7G8h_nrbA-qdu8mXBC6w6JS6eyIWzqHrkyGTrrnKxvr6vNtkTMBPv_4zLcL0KGDbyyf2RN08tHlxlfNit-P-4stRCfkPt5s91KUN2J036jDXPNEnWvY-EFDM2hlEhatfTMO6nb5lW7nKCBm-m11esaq9trff92PukWsHwjw_kScGTiOzVJAfZI2IrOzrVzqdaeehgBXI9whN_OFAP1yDs42aBZP-Y-t8lBMAnITGRiEaohS_ftj6laGRebwzb0Ts8pbJo-oEZy-KqdbQgaOe7VK72vDHcajwwfitsz1ngiKoHSbCcDEc_-7p1jG4JPqCyAIeSseoApgNRJyYRekqUs-H7J8j-dYvT-JnUrZwbeGW6SbkugMEa5kRBxnJBBqI-TU4aqhDZcFd2POgroHo17K__S-zl_jUFNAALepWYQZzLBy0J7J71xAOsNuw84A5llNr9g8nkkfzjiHphwlQA1hdTQ_Ia4hjEaKiCxsnVpuneUKZvYi_b3JMGbJ32t6crq0i-EGRPW3bjG9fev0HEOdTCIpi5_rhg0i2NVTTD6C9YvUB1R_z_MgPxSI936DGMWHsFX37gz8TmMRC9FCS_1snhtC1a6VdVV0t-N4VrgKSUVjZ3BJRadH_Q8CuWpeS09pFX97B-N00NIhbjMQ9pNBauEnlu3UXZOPOPqNyd_ECIYf0UbEqq4TG5aOY53oQ-jq8ENAholgXvGO8cB6WBZ5Mi79xjj8Sw07ry-k43s_Ijj_OozsY8wbImIKjLf_8LwmaPXnqvUtL_ODarRBFieIsWdReDMeRW5u0V5qPVqPBTkzv6fQX5lxU3xrmzwBolTY6D_a6uIcO7qZXQBeG6xHdwKzL1qmDIOYcxpdc1Aqdy_GvNJtm5jcyoUhdmm3G7W9fdduTwwXqG7d2q27IzeBRLC2UdAmsymtX1Sqh0-9HCOQiMVxAvCMy4LKMC1Jxizze592ALZSyPcnhgnrvD_JDqeJ1_esuUc7PmqfgzREvXuGF6MCZjA0cW5QtyMeTXAO8R1ZcvNUtNqUXcN2qti4dXXaZTmV7HqezPuwTD2kSVbY6kLfZ9oANyoAu49B8RuSn3PdwUotocuhoVDVGg3HsC8_0FduEUiR_9bQwZTgMOlo1qRNEU7qsw-xLRSDwOEKXq4H27JtvgMEQnB3JSotM1dEso3Wh7huoVvdhFWsqfC-6ypHt0rHQVPfqMsar-bU5bW07OYadaNX5qW6-C-ZTXaZnjn5ipilTLzdAS84ZcxRViN7UnIEWoTe560BMByR1-09TQOaO8KEJ5k13pyfEScGJYG5ajUp7wkgdCrgRsGinrha9uoLt2LqyJ3zG4fzaJ3ZIVmxtU1JK0b8_OhJef-mdesMF-c3Z1gHXa9uFdbJjDhyOK4KQGScctv8IQZt79zikUSSeIglu2OccXLmxlO4QahaAgM_LlhDgF3iXqd2JDZjyVHqX60TpdZc8evneX-o0XV2mZMQ92BuecsQBJxei2CExJhFl87zIBBpiCVoMtddJ5pJ85i_ZB61RoLVKQF9rSvcyVABFj49M47O2qO6XEe84NmDWzWYchTBb6VcXKOZ99Pu7TQwqWt6HoFowZ-jyBSmoHejJPIS7ci_QhTsdAPfHUKPeIapwOEpSQVTZCo012mA_2M68XmTxKOZWWK0HE3CKZ_0_Bgc8IxhN9v6AdZtIRTH9tZQJ594NREG_Zd9y0H4wktZJhIPBz7xnvv1S-wrR4pTSrCDKtqV6ReDHC_RrzC5iMXqmeK09Kfx2kpr7gpcCH9AfUricWrEcqk-FMIUKyUfhYucqckFfymhOExyj1ArQvb6lLaFw0VbF-XUodn9dpQ-WixeinDE5j_3IFBvaCoGz-Z0jTHd33QntZOHE0MsC0KTJqDsjk6jwVblBEuA4KCjbiefJV9yF0lEX7_7wItd8VuxoSKbhUtQCIKQ4Nl06Q6EDoUPbVjnBsi5eZ3ng9nQ4RhT12M354UExITu_VXafRMgygtj7ej8mbcRyDUCuFsXIG10PIHSi7haxHeWiIimTNKJCA5RRaqq-ZoabetUdGgrCfChpQdAgZ36xPHkjhIbCu03jaCKNCvwlgUA4zDYDd5ZLyxDX347dzxWyU39YM_NnRoS_6aCDjf3&cid=CAQSTwDICaaNQoCUHQQZdwjkY2V3o2rgYlUR4UuQjOBRLxXMQREyK88T02KwgSmHclOR4f5moZaZGxQMXoSWY5PFdAfBcsYuAPwfMKlBUF-8kSUYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.110.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wf-in-f155.1e100.net

Software

cafe /

Resource Hash

33a473269bdb0d5f79f01dfd43e9f77bc93cbcdbeb48fa37229dcf7849e447c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17393
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F30 0
20 B 96ms
96ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6OU-ieBlZdr1MZahkgO6v7GgDQAAAAA4AeAEAg&bg=!MTKlMn3NAAZxrfrxUa07ADQBe5WfOLan6BPrTER72CDcAhFTfL_ygzENodzB5FrMLr4gV9QybsmzJHCa3IzmgigUQjcRAgAAAENSAAAAAWgBB5kC0baOyE8F_BXJJPznT0jB-O6-CtqSmKxkux4O7OLv_3JVLk_9zlySZxj7xV2DVP2mCH2GXXnQFur48qWUpwwa3ws2WPTJz2B6GWkBWynqy2mrQb97U_EgTZt4LoY9GUsl3cDHv9JntEvhKcudMxjGFMTYRaXNHGywypvKvnbMYM7RM7MVul62YotjKNlLHqOlvXu_4cR1Qi98wBaWUZhp4OdfMdj_CsPIpy5oy36IoBzoHhbTL6dfCE3A0Twh0rGwfXtmNYBtwQ7qcchdAsdpZnUtNI1FaCIlnBdN2V_LAFL7_MlE0ru4F6AKPaRYTlLS5beZWQssbynac-XNYHINtiWkbH_k4LkINlpaXdmXPe4UyeEgQ1boyxFrdCIrFY9qFq6vh2Z-2W-F52DUtPhjLQrJaGSICJu3xeMiqF6yoG56oucoBLuyZGqL2c0qGpH3U0bJE_qcwSl49mPCwrnpjvNE92CNo6qlXUaZgCYwZd2BmbgG6fwkF8_m4Ep2wKrLnxInSDdPkVRZI1HtHdGpQdPoK_1buN-l57Y5xRwj5TXnKU03lpt3BR_B3bYq22NXoh4QeNUUXB22cOOOPhyGU-EK5EE5HY8itygWU3dSdxmFGRr3FC2ckVxXBG4CZQbJ8HVJOK__-bb6zzHN_apOfjYRXCzogd5EN7VMIcLmu9HReGHrINz0paqLMwBbcShNf-LS2VNepWNuPeFzLYIdT2zbgPUmluqPRvDZYYWDdqTbPJy77SoI6wilGwCVMvlwH3w-E5qzH0DJYRGFJrPbAwDZOz7ptvoG4qNIGWYlIsQ55IPjKiZFg9F1eIIcA-x_QMrb1jM5BO6z3nihjw1LyotCIDsbWcpUplHpXlHGbHmXFU-YorYYZ0ayvR8zaRtppvWKKDTSJftMiIwzOPEkw-4zmpL4VTmmYcHmcbYX0UL30G3uqgjoEdMJwmvI-yeZ4JY

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img-top-left_1.png
s0.2mdn.net/sadbundle/1082146099593702948/ Frame 2F67 1 KB
1 KB 65ms
64ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1082146099593702948/img-top-left_1.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e568e0b1bcf0b1c90a5340c0ef36a2dbe3fa5eb746804b57527f58816079a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1082146099593702948/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:49 GMT
x-content-type-options: nosniff
age: 318306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1411
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:49 GMT

GET
H3 200 f2.png
s0.2mdn.net/sadbundle/1082146099593702948/ Frame 2F67 2 KB
2 KB 63ms
62ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1082146099593702948/f2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd1845925e7c5efe94f5f931594c77066e76e1128def2ed530f8ccec6f6ea5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1082146099593702948/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:49 GMT
x-content-type-options: nosniff
age: 318306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2085
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:49 GMT

GET
H3 200 img-bottom-left_1.png
s0.2mdn.net/sadbundle/1082146099593702948/ Frame 2F67 1 KB
1 KB 80ms
80ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1082146099593702948/img-bottom-left_1.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5a2522f7567647fcfb95372786bcdedf152c45e357bed2fce127ca6db22b32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1082146099593702948/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:49 GMT
x-content-type-options: nosniff
age: 318306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1154
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:49 GMT

GET
H3 200 f1.png
s0.2mdn.net/sadbundle/1082146099593702948/ Frame 2F67 5 KB
5 KB 65ms
65ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1082146099593702948/f1.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb64339144a07b539ace2d1dc6468c7935d6fddf6b4910eea42ed08c167d8a03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1082146099593702948/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:49 GMT
x-content-type-options: nosniff
age: 318306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4619
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:49 GMT

GET
H3 200 imagine-right_1.png
s0.2mdn.net/sadbundle/1082146099593702948/ Frame 2F67 25 KB
25 KB 66ms
66ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1082146099593702948/imagine-right_1.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e6f977dd6e649706ad50562cd8c5a90bc0d5fddc9d7be0355042899a3ec8461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1082146099593702948/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:49 GMT
x-content-type-options: nosniff
age: 318306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25217
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:49 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame A9D4 0
0 97ms
97ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvkJroMrhGKr2hi5dx-TUCgt9DqZ6bmQyOMmYrK7g7Iptx2r7BAuNj9dhs6PP596vKnXajPkeNQqJPMapswDUKJLJK_rP6XjAzqMMuSxp-VrwHZ6ddpK-8jLk4nMuzBSK__pn3psQBfSi5q7sdQJ00__-Xt2FvkHiNi-pjKZoZUQNiVNsqXx7-Rp5b4HnLJiQRkrwX_ra3vfEGHSaz0lXdBei9n-J1cSYkUDNlMBPoi839hfAPJIeFF9H6c-1L2jDJXE-vqOKpuAYSwkvrsFfn2690VX-NY1Ae-j9Ax_ajSQHimNNPpAUq4vjDy9Dku2FS9zSdYcdBBL_TmDfswCXjR9ESqnn0EziDxOURDQW3iPKQmYcY6v06dFD-Ru9WvTyk-Ta4or0Hg4NuNtLIeegTxkgDr3W55yAkbvVlChpGgjY-OQABOJ1Uw8O9G9kLaKa90Kw3t8OKWIb-_fRzDezkGB_ml9TamxS9Q7yzsBrepT10XEfl8MN1mxTHCxLtZVeurljq0Na20Vtt-0D5NeH9OyvlPAT2gjE8Y9Y-94OCWpT4Vd-8Wi-clm0s1kTiQ5z1UYfRVjFxDgeEv9Q-u3uB5KnjQk0Y7N_IeetHBFKdGb6u9NYSOlc5fEXTKE9cly196ml40jXtcHNQoSLGiF8Zaaw4g0kIHbiP63QPfv2hBuZDfJuloYXKTwvpLhfZMcmThtD0Tw36nXZqMhnEmseS9diP3aGd3fTe06BNN_dJiL6BFCpWdIvOkcWOXrNlkwbrmIPsVSeL3Gks3lpbj32JnX5Mw8f9yhZXKewa4PosFVzXvppXerJXHCuCpPUJ6CDxN65Opb--9l0Tg4qu4ZjUBgfeyvjs_Tsdd-ttkbKnOIw7sXc94DsGqf10AKqXapxHSyq6By7Pr1Z9cu17QbtNQ714Gr6r1GKdpmBerbeqnEFvmZbmRvYsorrDrRz3LtwKTTfcU6gMoK6HJQddnaW2tE0EW_t3Sv7LhGrOM9G888-w0DOv9k40XP0wudm7WodpIUIslXpoky8fc0uOW-WJi_4GFmVfvUhJ8T3S_Vghy9NRbZky2_p0UEXu3HyuDSsBeEIRx9l5u6patDhckXgFDOwS1wnaLpmbuAK7noiU7fSEq0Mg9U0EQkWisr6iMQJexqyDZQH9lYWIAFlrrtQsVxIWcysx9nUTF6-0LxYOHq1Cv6bE_YThKn8zkKbGjWJ4IQ_NiRO6esLDS7XuYGb-Bv0YDmNWjR2uLDaougUDbEzQk0WzLSzS-fSA-ckm3fbLH&sai=AMfl-YSIFkl4fmwA9Z_3Gv-aSDShF4AwnKVBoCOXlyGS8JN1-BT1BrYyrvCM5W26wyuiJSmGUdKFcPlDelyg-KG8Ibf3lppqUdiaBPprbHrHnUJmhJL0-YFn7Vr-C-D1IiFrReP3RZxejIi0asc8xB3fa-kFtG9w4n62qBIc8p4726arJCiZuJDyjyTPWXZXUvO72z4hqYoWXV1mrlM-WvrZfARJ4SRLhs1aMwj-01GhZX9KJQyetV1PpNJY58i5lqqDmmvMl08HFetzmM4Zo4Ri9Kv1Vy8X_n8POH6VJ1pvPV1SsitXAWHHXoMdd56DKYeAvx750HHAAiHYmnbg7D86yeOx7YbD0iqEWEmpwkd2Oc9_ks6T9OzXAB6vyEMeu1GzL1M9e48IaoU8NQZuSkWJ8jDc8RoV7tY3dSqysuLvuhxCyipOmfcfEoESBDzBdyQLnlxLbi7ARcEeHSjWiTFWs2lOR8b0I8__jSsPBxVp-FzFVnrBnzDiBkAzmDdJz3LZsv3Avw1g8Wh32w&sig=Cg0ArKJSzN5uv9ATutyHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYW1wYW5pYWxnLnJv&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=401&vt=11&dtpt=294&dett=3&cstd=106&cisv=r20231109.96441&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 f2-1_1.png
s0.2mdn.net/sadbundle/17126041573053037717/ Frame AFB2 2 KB
2 KB 65ms
65ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17126041573053037717/f2-1_1.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5852ae8672e799f075acce9e6a132b779e5c17b87a49e82a747939f18722756c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:36 GMT
x-content-type-options: nosniff
age: 318319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1673
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:36 GMT

GET
H3 200 f2-2.png
s0.2mdn.net/sadbundle/17126041573053037717/ Frame AFB2 3 KB
3 KB 63ms
62ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17126041573053037717/f2-2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cc0df987c5b73dd327c5c9391bcb192e2449ed107d0b8adeaba51313fdbb677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:36 GMT
x-content-type-options: nosniff
age: 318319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2938
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:36 GMT

GET
H3 200 buton.png
s0.2mdn.net/sadbundle/17126041573053037717/ Frame AFB2 3 KB
4 KB 81ms
80ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17126041573053037717/buton.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8024065641286081ec2e5de667b216526c5679d5090ef09b8165afdf1a8c0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:36 GMT
x-content-type-options: nosniff
age: 318319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3572
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:36 GMT

GET
H3 200 f1-2.png
s0.2mdn.net/sadbundle/17126041573053037717/ Frame AFB2 3 KB
3 KB 83ms
82ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17126041573053037717/f1-2.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6115efbc7ef4dde83198a8aebbe296b81f4caeabda2272bc2ed8e69125b8a332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:36 GMT
x-content-type-options: nosniff
age: 318319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2872
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:36 GMT

GET
H3 200 top-left.png
s0.2mdn.net/sadbundle/17126041573053037717/ Frame AFB2 1 KB
1 KB 80ms
79ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17126041573053037717/top-left.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96c873a8821c4b0e9f640ef95195457dadf64b1905718fbe2ab8d29faed5b0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:36 GMT
x-content-type-options: nosniff
age: 318319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1410
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:36 GMT

GET
H3 200 f1-1_1.png
s0.2mdn.net/sadbundle/17126041573053037717/ Frame AFB2 7 KB
7 KB 85ms
84ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17126041573053037717/f1-1_1.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b58dafa6ba35078aabe7bc71efcccd9b8de59b6ed85dd9d58f06d632500ee46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:36 GMT
x-content-type-options: nosniff
age: 318319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7553
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:36 GMT

GET
H3 200 background.png
s0.2mdn.net/sadbundle/17126041573053037717/ Frame AFB2 32 KB
32 KB 65ms
65ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17126041573053037717/background.png

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563cbabae5ca3e764d0b34afbbafa056d5dbf8002d947822b73e2a8d405d7969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17126041573053037717/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:18:36 GMT
x-content-type-options: nosniff
age: 318319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33214
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 11:52:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 20:18:36 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 47E5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CxpTAieBlZeH0MtWn5LcP5MuemAispZ-ja928wO2nEY_0kOPXAhABINWn6JEBYIMFoAG0msTlKMgBAakCJOq1-M6MjT6oAwHIA8sEqgTwAU_QeHcgsPvPOO0WMOPv8h5dKz3E5IelVUmLl16...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223740387306139247685%22,%22debug_reporting%22:true,%22destination%22:%22https://screenyo.ro%22,%22event_report_window%22:%2...

0
0

218ms
96ms

Fetch
text/css

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223740387306139247685%22,%22debug_reporting%22:true,%22destination%22:%22https://screenyo.ro%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210950348084%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210363076273086745793%22}&andc=true

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:55 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3740387306139247685","debug_reporting":true,"destination":"https://screenyo.ro","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10950348084"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"10363076273086745793"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Nov 2023 12:43:55 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 12:43:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3740387306139247685","debug_reporting":true,"destination":"https://screenyo.ro","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10950348084"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"10363076273086745793"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame DB2E 39 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4416187608269653&output=html&h=280&slotname=1612145161&adk=1822270545&adf=721852255&pi=t.ma~as.1612145161&w=792&fwrn=4&fwrnh=100&lmt=1701175433&rafmt=1&format=792x280&url=https%3A%2F%2Fapkaio.com%2Fapp%2Fcom.einnovation.temu&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175433283&bpp=1&bdt=402&idt=420&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=482684741681&frm=20&pv=1&ga_vid=850511072.1701175434&ga_sid=1701175434&ga_hid=2013553847&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=204&ady=598&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44809005%2C31078297%2C44807763%2C44808148%2C44808284%2C44809056&oid=2&pvsid=2689942037186271&tmod=1814871535&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=423

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 00:36:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B337 0
20 B 97ms
96ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYb4tieBlZdrEMYOqkwOs2oqwDgAAAAA4AeAEAg&bg=!BwSlBEvNAAZxrfrxUa07ADQBe5WfOHqBUdXumQuunEcNqC6EIZtzxZ-yPZu02NLyK0EZgsivDcjAT6TfsCiRcWIGfiICAgAAADhSAAAAAWgBBwoASOBn9AX54hyPtTvOv-_aDttQ5uAROLXYyO7yhEb71X7O0YeXhhfGMM1bOrGIV2TVG8Kk3NVNWd470pcaWE-mEs2R53vbdfT44JkC1bECH4MQ797-hROqutKcQ1EnnjIP0zd4Gm_Da-B1q_fy96C_2C-fFSvtzLFjWlE6TIJIV7MUs1ONJWS6JoMMY2PdhjH7KKq85VTJICjy3sK6x7UDJLCCLZKTPODI_j_l3jFrlvLS1ZbqD3sfQac-Jo8HHocFKSSNpCDPzJcDxImV1cnGDkBI6J3hrA1LMXBcDWiMRC0jMgWCrd3fPS5kNno3CiTRb721NRz1H0WA4dadvMtRsv3TKf5QKDUAkkaQruhoU5q6_42s4c2ZmJqIPD8K-GPK3QeMbYYrXaMD8s4Twie-TDxybPk5I0XJ3Hsq2c1417parpkGVVn0Bx844VaPiHizW0vXw0CRKSfmZve2sFeTEKD_9wknASdM3a1v8GRfFDE_JzfGbaHWO2k_lXIQJOYccb74J8Us-VtwA2pfzJj_pv6iGMG0YbgroLwx1S90-gms7fr-yCvmvazCTkhmLkS86H-0CXNzNfIAbCMc1AuMB0UHH3-YPjsHBFr83XcZlJsJha9TBfdg74I9lW59x9fWLWsdbxD9QYdHBGLLmnComIwDrNzLaJjctXYehitU7de_tGApDqJdDppaPBNVwE6ERMn95tF94HNRY1zQwDKWKelw10GOOH26OqbbQp67uq2WxLp9z_QgnVhvu_OXkZccRACaAwnnlcUzzDcAZnwjSheX4wFDPtvbTfK2ZzTpS6hIGWrWzhQ7bpb51rzjd4XHnamcr_eDRDFglv2EW3OfpsoaylFz0iRC9BDGmaISnosc8CRU6DAO4rr-06OeDH3Oj5csJXaPHG5oYyWP5WHiCdKDornqCkI7tpqdyW7DtC60rk5eSg2reh5f6hjaM780hzxcw_MFVf8KnSbFyPH8DFxJoUw07X66WPPZHsnx-5ecCgVZbzMRUHqUnnYacEO9HC4nNFv72yEMyi1ejUeTEj6Ti4_pm9WuFMpoluP1LTmD

Requested by

Host: apkaio.com
URL: https://apkaio.com/app/com.einnovation.temu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 112ms
111ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7861946916e38a11af474c66975ca260bc85fbbd3e08644a9207eabf918e024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12059
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 250ms
95ms Preflight
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 12:43:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 157ms
157ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 12:43:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC93 13 KB
5 KB 60ms
60ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 8765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 10:17:50 GMT
expires: Wed, 27 Nov 2024 10:17:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E503 829 B
997 B 71ms
70ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a23cc486e9f0ee7a4924b31e0da5e5947a51186fcb752ffc2ffc745705e471c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l4fu1BsMqU5cbSdfZujI7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apkaio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-l4fu1BsMqU5cbSdfZujI7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:43:55 GMT
expires: Tue, 28 Nov 2023 12:43:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 csi
csi.gstatic.com/ Frame 67C9 0
54 B 143ms
143ms Ping
image/gif 2607:f8b0:400c:c18::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpibxijl&c=7766358398983&slotId=3883179199491.5&qqid=CJetu6vc5oIDFQPVZAodLK0C5g&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c18::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 67C9 41 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 22:32:49 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-ixh7yn7d.c.2mdn.net/videoplayback/id/80327d0f49d9fe19/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732711435/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 67C9
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/80327d0f49d9fe19/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732711435/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-ixh7yn7d.c.2mdn.net/videoplayback/id/80327d0f49d9fe19/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732711435/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

302ms
172ms

Fetch
video/mp4

2a00:1450:4026:2::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-ixh7yn7d.c.2mdn.net/videoplayback/id/80327d0f49d9fe19/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732711435/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23825DE1AD16FF69402778523C658A46EF34341E.75FD61515B850F6B6B264A453EFD149061AEC4B8/key/cms1/cms_redirect/yes/mh/ci/mip/2a0c:f040:0:2790::4e/mm/42/mn/sn-ixh7yn7d/ms/onc/mt/1701174414/mv/u/mvi/1/pl/58/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4026:2::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:43:55 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4302542
Last-Modified: Wed, 13 Sep 2023 13:25:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 28 Nov 2023 12:43:55 GMT

Redirect headers

date: Tue, 28 Nov 2023 12:43:55 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-ixh7yn7d.c.2mdn.net/videoplayback/id/80327d0f49d9fe19/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732711435/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23825DE1AD16FF69402778523C658A46EF34341E.75FD61515B850F6B6B264A453EFD149061AEC4B8/key/cms1/cms_redirect/yes/mh/ci/mip/2a0c:f040:0:2790::4e/mm/42/mn/sn-ixh7yn7d/ms/onc/mt/1701174414/mv/u/mvi/1/pl/58/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame DC93 39 KB
15 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 12:29:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E503 0
0 94ms
94ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2689942037186271&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame F14B 23 KB
8 KB 60ms
60ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 262320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 11:51:55 GMT
expires: Sun, 24 Nov 2024 11:51:55 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame F14B 39 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 12:29:43 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DC93 0
10 B 60ms
59ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wh6mDw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:43:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F14B 0
20 B 97ms
96ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B0udOi-BlZbO9DZeS2fcPs_6ZyAgAAAAAOAHgBAI&bg=!oaKlou3NAAZxrfrxUa07ADQBe5WfON760FiHpuYzFnHC35SQ3Oop5EN6TWYAA8e8fC-QhRkvLiUeGVWM8z7bGwos1aSMAgAAADpSAAAAAmgBB5kDBqyd3X3gRMlfhHQW5SHO505PAvIULrgE0H8f7ix3EU-BxtI5gpxJF-ld335NUFXAFRRjcBN8U536I0iw-giDMh_dBS3pKCiGE1kzuO4ZeKNpm13GwEbasaoiQcL3cjhxXDdGkj9x3VVaw1_SmCIicIRxWqiXCG-gA_u3ZYGTNU6H3SeNVT_c_KQSW6y8iMR25NIgpZ8xTbY1eJPeuWeNiD4U1SKH-pAbeXNu6qllEWwpHQ_pRthBR4Bngt5HP2Q9nivqM0PS9zO_aw2bTi0GQjuICE_vLxmYDPOQuJsEL-usHwRi5Vy_RIGGFq_p8ekBn0VsS_8Og1vllKf0R3HAvs69SLp2RiQ3MxrV6m2dVJBXBPykTYPRdeXYuHTsO2_aCPh7s5SrZb7iH6ppUPzUKEyVnRmwsa253GaCRojsNok7BjLmkwxnh6UCHGnpUsn2uq3SdsF2Uakunu_QspSVZFpztcdYoTn2b2cMUmEVQPY3llVOuNGSIV73iDegvKIrAxXwm3yypmT4Ff3vk-ddFWMoFxbSOLp1F7bvNKQheoaeoPNjQCgGixm6gfq0VYwlqjopkbmmthde6AoPFkEIi9jTW00_DFaLR5VV6BgnM-KZLxzzhS9-YNGMvlqKEuk08OWbUQm_sZnAC0VBsaKyxKwj5KV_7wI-f6y2U5uP4B4QbAlwqmctRMWZDx9Kbo6J884LUzphdWglXLDw4JzEqHcy6G-o7691ddRBen4MgP9SiThkGJcMC0QFv_-UeFwLRwZBE1F7CHUTKcFKgq1mQMVECvX24uI5GzEFhQWUU3YfolQjlTVxsOwFQV02T899lUT6tiZ5Sv253xmATzu3Z_YizgJV8ReKsBtBcdWXiP4L4hcPQPlXtqXIolLdBLoDko3w8laXZU8dqTWU0H5zHziDUmlV-LRDX68JqAdp0rZiZM1zCF_F-WkDqAuOZJ04p_3fpCR7UW9Pic_BfpoVjOjCeXp9FuJ61t53ONdnTmc4JSWScMJSIhJc_a27ssLA9ZoV_kHe3Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D41E 42 B
64 B 98ms
97ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLe0s-qCwKrfogLDgYZP9x6zBIo6hANqpiLCz0eVt7K3wyvXmbmsOvvrxNpmW8ethuTsMrLEX3XjhU1MMupCkTAR3hqx_ZGF79Sr-kmC0cvEuKdSon_AlW6jherSBBxfYwj1y0mMDDLWDo&sai=AMfl-YToWMfO9Jv3s1XqXMGKG3_T3z6eKIVojo4ppCZxt-Ot9jLztThnKDX7ZI1L9WZZlyFB0QvDQSUYkH0VCpj2VKz6noRhmFyoapMpNthLGjQv2k8SxM4WOOoLebU_2MZ-DaF8k8zw1vnXLhOJ3RjH&sig=Cg0ArKJSzKJAe_MidTnlEAE&cid=CAQSTgDICaaNuVPlsA47W4gysgwizQivFM-9wwTxU25pPbWvN5Ofn-XQszvX2i9fzp2eDI-EC_wS8ebaGPRhswawhzTFsqA4fO8aEHNKyyLdchgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3721280051&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701175433709&rpt=1250&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=5

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r1---sn-ixh7yn7d.c.2mdn.net/videoplayback/id/80327d0f49d9fe19/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1732711435/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 67C9 132 KB
0 65ms
31ms Media
video/mp4 2a00:1450:4026:2::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4026:2::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 28 Nov 2023 12:43:56 GMT
date: Tue, 28 Nov 2023 12:43:56 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4302541/4302542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4302542
last-modified: Wed, 13 Sep 2023 13:25:17 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A9D4 42 B
64 B 97ms
97ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqWz3s7DK1vXr_YwgpmPkacFIiafUDbZRNvF9vR0tMFjTKdhPXKt3zl5aSWdY1EKzcdimgerNF2ypk7goxjcItGlBY8NzrLHbeZjOkPgNBok0qDkYgLRIxkd7gjdCUqNvLsffjscZRDp2k&sai=AMfl-YQowUlY1NeVsJeUzv9gRJY744E8Rvx1po2uradpIIBEgkVxdA_qwK-4qBEtWWDzbIYtOzfGZZJUow1IX7LzzkmluDUAK9oWMP8MUYhRFItXvDo5nHf9kQUyeej-4sJ1E08tF5I7dPR9uFIxp7fwVg&sig=Cg0ArKJSzKYADZRaAC2hEAE&cid=CAQSTwDICaaNQoCUHQQZdwjkY2V3o2rgYlUR4UuQjOBRLxXMQREyK88T02KwgSmHclOR4f5moZaZGxQMXoSWY5PFdAfBcsYuAPwfMKlBUF-8kSUYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=421,921,1000,1000,1000&tos=421,500,79,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701175434590&rpt=433&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 97ms
97ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2689942037186271&bg=!uLulu_TNAAZxrfrxUa07ADQBe5WfODkRXkqsFDRZEJbcUESn06VqQt76uPXuwpUXjblb29heamRJ219zXFFWGCld5dsPAgAAADZSAAAAAmgBB5kCvNJtQgpDzLcG65E2U5wTiOHhSmjhLm3MCvdKmmmRer3rDuK7SV8KADdYcqJWThm8uzGQ_AxlpM3FBrtMLw9C5gQ2LJSi7ENlFFNxJzMYI2qHhLRZdOdnTy2EjQujqBm7eaqY6KJNgUorUKFsXxFjSwdhKfVyMUVv-A_Pfus_L_suhTyJTRpqusBqYj6WMirmrJB12eFmQX9vdfUBeh1YZQCQrXY1A0Q4ao6W30NAXO5SteimzI2If2b5zLTuhmh7A0VWhR26W8btIXXpiyOl2xT-Ebjt7rHT5VvD-WgtlhukPlhT6dUy4Zsj7adQqaAaGnuqY3gXCCj7yxacOnXJ8sfHkwNfSQ9YJvQ3DPJMIDsD_qvis89Wpg6Myd5por7EnU7Xe4rpC6A5BRm3jqieiuyLxEtFVdvNUIO_E69VWtVt537k1Bt-Gam1F4cYpVoHui5YQQvyf2YvSvTtMGff6wteJLtQMGQ5D6SHllAMb1SQBsN8UfCoOL0x5O9HaLm6vUdlO97oVXlaMk-bxIMoGjXiDm8DleTP4kUTj3nPcfeZKTlvN-FeLfO8BxXJD1Aju4wZPLvnNciqr2z87hUWBitHyi5-GF5i2Sj08Qb0gG0IAwNxr41-wgl-i2LMo_IS6Wlq-tQd2RD2Wv0hMn_21ND7dynS1jz79lAM8yT3JbA3ChjSnoZzGpcLnaBwde70vWQmvRECwRYbH3TwVMFgCaLt2bXe4W0rUdi1Lr9Djvd7fGmxzM959twQrk4Fa9yel3F9ag5DdrKpDid2GyN_agcC3adkJS_Fxb0MGvFhFfFIU4OTp2gHsnwnyZEMkWJyyBQZSW3n2dEt96beMzRNtSETxDh50N-RgG2Gdm2T9ZxmZ_ZcfN1sxktRbXrsnFjUkpelWYkFy7KLdRoAhZhWPhQ2uqQAAN5mOKl-K7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://apkaio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47E5 42 B
64 B 97ms
97ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9ZOtiQvZ7qKfBhtAjePULQaU6Z9suV0SEZAcYX_FnIcdZlaWsQh8R5HQIjEfXAFhhljo_JRF-xXMt1NSWPj53U0kTsi4pk8tWyJuj2Or2qWIM62g5imgBOEOQ06sKYDPziaPvfFOdubxW&sai=AMfl-YQbVZRLJWKxBEvdu9kfkzlj-hoTHuVUKtXFjZRtKePHKZfmd8IyYRz4SlyV_SDgmad5sPlp5DgX0yKc1xa6zUgbUrmQhSXZ1r2QC_UD6mSs-0h1wwd0G2uYKBiQcWA8Iw5Gk3SF9s1xnjzKc3X-&sig=Cg0ArKJSzCzG4q22HalMEAE&cid=CAQSTgDICaaN4vuHrRZugpD3waxyo8HNHjrFevMsRjwlZskbGzByA1MGojH3db-QBK1bbKtJ4kC-icZT1PxUuZYpx4KcEkh-DwdarfsKxohwQxgB&id=lidar2&mcvt=1000&p=0,0,280,792&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1822270545&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701175433706&rpt=1417&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 67C9 0
54 B 144ms
143ms Ping
image/gif 2607:f8b0:400c:c18::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpibxiup&c=7766358398983&slotId=3883179199491.5&qqid=CJetu6vc5oIDFQPVZAodLK0C5g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=576x1024&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1ch~vil.1v0&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c18::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:43:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
apkaio.com/	1970-01-20 16:33:02	Name: XSRF-TOKEN Value: eyJpdiI6ImJcL0FQbXgzcUZMazJhU2N5VlwvUFZLQT09IiwidmFsdWUiOiJFRFZuSkt2T0x2dms5c1czQWxyT1pZUTRORjRaTUY3RGdOT25tUm80bVwvcVZ5eGhCb1QxU3JzNUdNTEFPTkptdExpOGZLSmdrMjJFaHJqQXNCUHo3emc9PSIsIm1hYyI6ImVhMjFlYjQxMjQ4MTc1NzgzMDliM2Y2ZmU2NTU3NDNkZDYzZjkxM2FmYTFlODljY2FhMGVlODhlYmE0MzdkMDUifQ%3D%3D
apkaio.com/	1970-01-20 16:33:02	Name: laravel_session Value: eyJpdiI6ImlCbFZvTUNZZjdocXE2QURTWlNMTWc9PSIsInZhbHVlIjoiZ2pLOEszUTFOeElFWGVKaElQU2dCS0ZKZllLRit1Y3NkYXVhNkRtZTc1V09qMzkyZHdTMDExMFNoWEJPbXdmWWNOSk5hUGJNU3gyTlJrTlJiNnBicUE9PSIsIm1hYyI6IjcwZWE4OGE2NTBkOTM1OTFlYjE3NmYxZjkzNzBjZTk3MDA0OWE4MDY0OGFiOTU3NTk4NTdiNGYyNjJmZGMxYTEifQ%3D%3D
.apkaio.com/	1970-01-21 02:08:55	Name: _ga_2Z7DCTV0BJ Value: GS1.1.1701175433.1.0.1701175433.0.0.0
.apkaio.com/	1970-01-21 02:08:55	Name: _ga Value: GA1.2.850511072.1701175434
.apkaio.com/	1970-01-20 16:34:21	Name: _gid Value: GA1.2.361460031.1701175434
.apkaio.com/	1970-01-20 16:32:55	Name: _gat_gtag_UA_219351102_1 Value: 1
.apkaio.com/	1970-01-21 01:54:31	Name: __gads Value: ID=6750134d68bebc81:T=1701175433:RT=1701175433:S=ALNI_MZ7OorlP1QjlUf9fq2JL-uUzoP_HA
.apkaio.com/	1970-01-21 01:54:31	Name: __gpi Value: UID=00000ce842fbf9ed:T=1701175433:RT=1701175433:S=ALNI_MYdBy-MG_rVS_kN6doXXXOUtfwEjw
.casalemedia.com/	1970-01-21 01:18:31	Name: CMID Value: ZWXgisfKiQvt0R747hLRlAAA
.casalemedia.com/	1970-01-20 18:42:31	Name: CMPS Value: 683
.casalemedia.com/	1970-01-20 18:42:31	Name: CMPRO Value: 683
.adnxs.com/	1970-01-20 18:42:31	Name: uuid2 Value: 6903530947726365685
.doubleclick.net/	1970-01-21 01:54:31	Name: IDE Value: AHWqTUmlFkj97QzfpigfBOGdyDlyuJdo8TP6tBhuc-IQrw5QjyrjwAvYUi78MLHxhUg
.adnxs.com/	1970-01-20 18:42:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%5G(Os4!@wnfH8K6pQK`!5=E<*L5?%M3ddo-E3`_wJf[W>@h/:kef):3RA1sr?t`Vfo%nugO%v4VB%nlT^)^xgP
.doubleclick.net/	1970-01-20 16:32:59	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:52:07	Name: APC Value: AfxxVi4ZUlbnulU_PKY5WwWB75YSzu1ZeyfFg3Wrhld_Cc-87xtUtg
.googleadservices.com/	1970-01-20 18:42:31	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
apkaio.com
bid.g.doubleclick.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
r1---sn-ixh7yn7d.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.110.155
142.250.185.102
142.250.185.226
172.64.151.101
185.89.211.12
2001:4860:4802:34::36
216.58.206.34
2606:4700:20::681a:33d
2606:4700::6811:180e
2607:f8b0:400c:c18::5e
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:4026:2::6
024e6aca99ec463a7c7582b57eb080489dc48717ca3fbd6c481f17bdfd8b3ec9
08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0cc0df987c5b73dd327c5c9391bcb192e2449ed107d0b8adeaba51313fdbb677
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a23cc486e9f0ee7a4924b31e0da5e5947a51186fcb752ffc2ffc745705e471c
2bbb16671d748ef16f17771bae8d07d5a7a5ac7dd4bbfe36864084fd58ad0fbd
2bdeec00025ea2b139ed2207bdee5c20e2c08cd6583204563746a993a02650f7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f78d54d32613b62edfe1137adb05245679a6114834bb678601e5eb41e959b52
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a473269bdb0d5f79f01dfd43e9f77bc93cbcdbeb48fa37229dcf7849e447c5
3abc8cdea676b19921fcb7d9da5eb4abf40ae85c302f5567bdc550989bdd62e9
3bac01643aae421f048dc667f14c02b2cfd535b4772b07a5ab941335cc089b75
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
4167e90d3f9bf4b7900f41e78e26255acd9e0fdbac103870e892f4c16a996c02
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45077a62256e8bed67dbae7d5ee5f66eb91686f6b593c32e1201dcbea27de303
48a3335cafde47235e30efe9e84b9a36243981e5b0574a6834dc26880085ddde
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563cbabae5ca3e764d0b34afbbafa056d5dbf8002d947822b73e2a8d405d7969
5852ae8672e799f075acce9e6a132b779e5c17b87a49e82a747939f18722756c
5c1f6a49aaccba2aae83e711e57956d2d77dca7e87fcb66605971c331e0b52f1
5dbfaf4b50fcb8ebeb01bc8ca0999506ae9defaae24bcdd5415178c0eb1c6615
5feb590434f658e1a0b750d61921a310a16c82e6fe5677f4927c06256d380563
60ad16bb8450582ed38381f257f8378d8c252e6c4df6285064d5f6c109f2e5d8
6115efbc7ef4dde83198a8aebbe296b81f4caeabda2272bc2ed8e69125b8a332
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
7e568e0b1bcf0b1c90a5340c0ef36a2dbe3fa5eb746804b57527f58816079a0e
80eafa443ebe8e938b6e82c2f07796e6781fcf35b617f8c690d8b88a91559d8b
85f470814bb27b1667398377b6230bcb02190fd5c91994f27ef0e8c061c804a9
89c893ae0ca160b15ba224d90b4f6ce167c313c0a8f512c85d52a207dc0b5581
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
96c873a8821c4b0e9f640ef95195457dadf64b1905718fbe2ab8d29faed5b0ff
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9b58dafa6ba35078aabe7bc71efcccd9b8de59b6ed85dd9d58f06d632500ee46
9c9ac8cc3c794d3b2472fa55ff9b739a1f05906c277ffc7c939c10121262dce3
9e6f977dd6e649706ad50562cd8c5a90bc0d5fddc9d7be0355042899a3ec8461
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5a2522f7567647fcfb95372786bcdedf152c45e357bed2fce127ca6db22b32e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29004597303e141c1851ec390866c330b0a8de858472d13bb4d7770ebf3d84c
b3a5566face86456050b509469d96d769dd62155f8231924f1291e01fffb270e
b7861946916e38a11af474c66975ca260bc85fbbd3e08644a9207eabf918e024
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
b8b4d17a4c98cc68c2726db6505981436dd5b51369c425faf9da7e2f7a193cf0
bbfa56e54c4085cbe603f989e054ffea2afe6cd71ff78579350cbe16e6b87353
bdfa5fd9b5f6417a2f5a463c4916f10ae044087d132b9ae8a0ca3ecadbdcf7cc
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7c3c43fbd1493c086616633b4ff9b52d41274441633f40ec70fd142dc725a36
c907d04f737c793eddefb421897d783245d28e0ffcaed10af9184b1f1446601c
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d2ab86f8e7a02aad7110782eee34603976836101fa91c5c553657a7fa6287b17
d7b50d217b497a32fee082b3d7c373785fc6448243a284cd0de09f6d3fd9039d
dbeda291ee7e1be3e19180c35c05530fe17d4bc7a31d21a8ac2584b471453e80
dcab0e6da861ef75f9bbd722e81a1d7f0746b70d18235d672b09dfba2fb0fd7f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8024065641286081ec2e5de667b216526c5679d5090ef09b8165afdf1a8c0cd
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eb64339144a07b539ace2d1dc6468c7935d6fddf6b4910eea42ed08c167d8a03
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09fa897f6e84e5fbd6529296e087e2ae8f07ba5badd7ca6c30d40ac14b4aa58
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fdd1845925e7c5efe94f5f931594c77066e76e1128def2ed530f8ccec6f6ea5c
fe20ff2859b2752e04b026435eb9651c339d0a6a5805f825151bb11521bd644c
fe6ba465a5b9158cb73a88e5d8b618785d5e2a2d82aea3beb8f3f1c6f18a8443

apkaio.com Open in urlscan Pro 2606:4700:20::681a:33d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

132 Requests

92 %HTTPS

76 %IPv6

14 Domains

25 Subdomains

25 IPs

3 Countries

1600 kBTransfer

4437 kBSize

17 Cookies

0 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

apkaio.com Open in urlscan Pro
2606:4700:20::681a:33d Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

92 %
HTTPS

76 %
IPv6

14
Domains

25
Subdomains

25
IPs

3
Countries

1600 kB
Transfer

4437 kB
Size

17
Cookies

132 HTTP transactions
3 data transactions