www.appopener.com Open in urlscan Pro
76.76.21.22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://appopener.com/yt/oa2f72yep
Effective URL:
https://www.appopener.com/yt/oa2f72yep
Submission: On July 08 via manual (July 8th 2023, 11:30:16 am UTC) from KR — Scanned from DE

Summary HTTP 175 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 21 domains to perform 175 HTTP transactions. The main IP is 76.76.21.22, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is www.appopener.com. The Cisco Umbrella rank of the primary domain is 204147.
TLS certificate: Issued by R3 on June 22nd 2023. Valid for: 3 months.

This is the only time www.appopener.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
10	76.76.21.22 76.76.21.22	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	13.249.9.128 13.249.9.128	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225b:f800:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a05:d014:776... 2a05:d014:776:a63e:931e:6ac2:944b:f27e	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	216.24.57.253 216.24.57.253	397273 (RENDER) (RENDER)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4009:818::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.206.154 74.125.206.154	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:10::9	15169 (GOOGLE) (GOOGLE)
5 6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	52.213.224.28 52.213.224.28	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
7	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4	2600:9000:213... 2600:9000:2134:9000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:1ac... 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7	14618 (AMAZON-AES) (AMAZON-AES)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
175	36

1 76.76.21.21 (Walnut, United States) 1 redirects

ASN16509 (AMAZON-02, US)

appopener.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)

www.appopener.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.249.9.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-128.cdg53.r.cloudfront.net

otpless.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:f800:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d014:776:a63e:931e:6ac2:944b:f27e (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.24.57.253 (Sweden)

ASN397273 (RENDER, US)

app-opener-api.onrender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4009:818::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:10::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5lznes.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (Staten Island, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.224.28 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-224-28.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2134:9000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160 ade.googlesyndication.com — Cisco Umbrella Rank: 307	521 KB
32	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 bid.g.doubleclick.net — Cisco Umbrella Rank: 810 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346	195 KB
16	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com — Cisco Umbrella Rank: 624 dt.adsafeprotected.com — Cisco Umbrella Rank: 542	198 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	103 KB
11	appopener.com 1 redirects appopener.com — Cisco Umbrella Rank: 197745 www.appopener.com — Cisco Umbrella Rank: 204147	110 KB
9	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1112 r4---sn-4g5lznes.c.2mdn.net — Cisco Umbrella Rank: 704015 s0.2mdn.net — Cisco Umbrella Rank: 325	157 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 imasdk.googleapis.com — Cisco Umbrella Rank: 500	136 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	4 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623 www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	3 KB
4	otpless.com otpless.com	111 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
3	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 15286 g.ezoic.net — Cisco Umbrella Rank: 17517	5 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1425	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 496	418 B
2	onrender.com app-opener-api.onrender.com	477 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	134 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1529 Failed	63 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4752	408 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	603 B
175	21

	Domain	Requested by
37	pagead2.googlesyndication.com	www.appopener.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com www.appopener.com pagead2.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.appopener.com
10	www.appopener.com	www.appopener.com
8	dt.adsafeprotected.com	googleads.g.doubleclick.net www.appopener.com
7	googleads4.g.doubleclick.net	www.appopener.com
7	fonts.googleapis.com	www.appopener.com googleads.g.doubleclick.net
6	s0.2mdn.net	www.appopener.com s0.2mdn.net googleads.g.doubleclick.net
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	csi.gstatic.com	imasdk.googleapis.com
5	fonts.gstatic.com	fonts.googleapis.com
4	static.adsafeprotected.com	googleads.g.doubleclick.net
4	fw.adsafeprotected.com	2 redirects www.appopener.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	otpless.com	www.appopener.com otpless.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	1 redirects www.appopener.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.appopener.com
3	adservice.google.com	pagead2.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	r4---sn-4g5lznes.c.2mdn.net	www.appopener.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	app-opener-api.onrender.com	www.appopener.com
2	g.ezoic.net	go.ezoic.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	www.appopener.com
1	code.createjs.com	s0.2mdn.net
1	ade.googlesyndication.com	www.appopener.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google.de	www.appopener.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	go.ezoic.net	www.appopener.com
1	appopener.com	1 redirects
175	38

This site contains links to these domains. Also see Links.

Domain
youtu.be

Subject Issuer	Validity	Valid
www.appopener.com R3	`2023-06-22` - `2023-09-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
otpless.com Amazon RSA 2048 M02	`2022-10-14` - `2023-11-12`	a year	crt.sh
*.ezoic.net Amazon RSA 2048 M01	`2023-02-24` - `2024-01-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
ezoic.net R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-05` - `2024-03-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-06-20` - `2023-08-29`	2 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.appopener.com/yt/oa2f72yep
Frame ID: E1EADCCA96DF2EE87B82E09F1866D718
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/zrt_lookup.html
Frame ID: 38295CA492B77F004862CC9ECC6994F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&adk=1812271804&adf=3025194257&lmt=1688815810&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815810475&bpp=458&bdt=270&idt=459&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6883907483760&frm=20&pv=2&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=478
Frame ID: F666BFAC00715D321E8EB3D807B4CD47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=280&slotname=9492391764&adk=3497407662&adf=1573534164&pi=t.ma~as.9492391764&w=1200&fwrn=4&fwrnh=100&lmt=1688815810&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815810957&bpp=2&bdt=752&idt=2&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RF2loUTUyL&p=https%3A//www.appopener.com&dtd=10
Frame ID: 648F4E0A18641B35891C3FF67C5AF2D4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7
Frame ID: 91B302833BB0BD34048082286F769EBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6
Frame ID: C37D2667BE76A6FF3322D67EC69A7C02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 46706A9706AAF5AF0DF688062506D40E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1
Frame ID: 26E60F64C4D9076AA382EA1A769835A0
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js
Frame ID: 15517C212D84104309D0B0F7531CF9A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXNQreqKpel4ouwnVcO1T5HyMDfLBP-BlZAKqK8V0hLoHvW731jnnCdU10LR4L-5Cr_70QEvV8pSsEWilO6F3UeDSw4ygwz3DggwsrwN3h4aJvEgTY2V1p3L2Kv8dbWQ_frHVsvq_gPlxr23k2Fv09vVsUqi9B2gyssN0s7VmD7rELJkJ8
Frame ID: 7ED0AFAD51C31EC389506754E228FE70
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 20DBD000E59D69E8C7E7B4AC9CC8CD91
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1ADE55DAE043341A88455B5D6816B920
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 88200F8E1B0A8F28472A7F0DCD062784
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15425370921734795581/index.html?ev=01_250
Frame ID: 32668AE4C429C2152FDDC4BDC1B2913F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXp28uBlHmePvrQvatBNsYCQrWcYogoaMC20qhWxPoFFhintn5Mq1wXNzgZ6zVrXnQbuQ15b1dJdS8kVhqUP-pmKHvUIkGY7h0L4u_HFMBod4R5I31Yrr9O1oGndkaOkLdUAn75NDWHyJdRcnQqDh71KRWCdewcN2rN0czICgifB88PeGE
Frame ID: FA03F2C86E6042288E0F23E22C73BE3E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3415ADD7849CA947BC2F2E300CC28AF1
Requests: 25 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3C398B7C2453FB668028DF34C3F9CD56
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50D787271DE6676449C55FD52A6C6E72
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15425370921734795581/index.html?ev=01_250
Frame ID: 612D0D4A9D8D14BF2DF70259E281D765
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: AECF75DB00C9A30C42B73E442EE34F89
Requests: 1 HTTP requests in this frame

Frame: https://otpless.com/auth/index.html?login_uri=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&sdkPlatform=JS
Frame ID: 3BB2CDCC874417F2328D9B11327CF230
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 98035AAA002E4AFC618BE247B7B39B0B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F52C752E584ED97E0DA44CC610BF7AC6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AppOpener.com

Page URL History Show full URLs

https://appopener.com/yt/oa2f72yep HTTP 308
https://www.appopener.com/yt/oa2f72yep Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

175
Requests

93 %
HTTPS

64 %
IPv6

21
Domains

38
Subdomains

36
IPs

7
Countries

1926 kB
Transfer

9129 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youtu.be/FbxoFE56Fto
Title: Continue to the Link

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://appopener.com/yt/oa2f72yep HTTP 308
https://www.appopener.com/yt/oa2f72yep Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 73

https://gcdn.2mdn.net/videoplayback/id/39af86965829d928/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720351812/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/7CA79FB76244383A396B099B8CC9E72CF3E0096F.9E311C3905BCF755973B651053B612EBE2DE56AE/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/39af86965829d928/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720351812/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1E78601F6117B641B4D0058FF646F766379F6B4E.1795E2C125F3B90E518085AE3569AAC410590C06/key/cms1/cms_redirect/yes/mh/OT/mip/2a01:4a0:1338:92::9/mm/42/mn/sn-4g5lznes/ms/onc/mt/1688815075/mv/u/mvi/4/pl/36/file/file.mp4

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1&C=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKlIxPYQq2JBVcKUJ6NGQAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAsew21YIFQRwgjuxwV-j3s&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAsew21YIFQRwgjuxwV-j3s%26google_cver%3D1

Request Chain 87

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4MDc5NzM5OTMzMDIyODc5MQ%3D%3D

Request Chain 120

https://fw.adsafeprotected.com/rfw/st/1475223/71249285/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-5645705217995911&ias_chanId=1&ias_placementId=20111337730&bidurl=https://www.appopener.com/yt/oa2f72yep&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0icCea2VT_EaV10VSr2MJtw&adContainerId=brand_safety_xEipZPrAN6efjuwPi82v-A0&cbFunctionName=goog_wrapCb_xEipZPrAN6efjuwPi82v-A0&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.appopener.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.appopener.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5645705217995911%26output%3Dhtml%26h%3D600%26slotname%3D4955640795%26adk%3D1541465834%26adf%3D2575509664%26pi%3Dt.ma~as.4955640795%26w%3D227%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1688815811%26rafmt%3D1%26format%3D227x600%26url%3Dhttps%253A%252F%252Fwww.appopener.com%252Fyt%252Foa2f72yep%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688815811439%26bpp%3D1%26bdt%3D1234%26idt%3D1%26shv%3Dr20230705%26mjsv%3Dm202306290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D5a631f4aafc70d22-2213c3adb2b40037%253AT%253D1688815811%253ART%253D1688815811%253AS%253DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q%26gpic%3DUID%253D00000c38a7b74a87%253AT%253D1688815811%253ART%253D1688815811%253AS%253DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q%26prev_fmts%3D0x0%252C1200x280%252C227x600%26nras%3D1%26correlator%3D6883907483760%26frm%3D20%26pv%3D1%26ga_vid%3D971080236.1688815810%26ga_sid%3D1688815811%26ga_hid%3D614847232%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D87%26ady%3D699%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759842%252C44759875%252C42532316%252C44788441%252C31075885%26oid%3D2%26pvsid%3D3863357890557807%26tmod%3D1934160056%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DbFglzNViRN%26p%3Dhttps%253A%2F%2Fwww.appopener.com%26dtd%3D6&adsafe_type=bed&adsafe_jsinfo=,id:627dbc86-4b88-c3ac-78f2-d11da0a30445,c:hM4zRj,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b6dfd5f7-8kfhd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tJpV2Qn+11%7C12%7C131%7C132%7C1411%7C151*.1475223-71249285%7C1511%7C1512%7C1513%7C161,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:22,oid:cde70ff4-1d82-11ee-89e4-bedd1930331e,v:19.8.425,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFC61MnteF1NGWDC05OWfVI&google_cver=1

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEGS90Ez4EP-A8BbAozELIrg&google_cver=1

Request Chain 146

https://fw.adsafeprotected.com/rfw/st/1475223/71249285/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-5645705217995911&ias_chanId=1&ias_placementId=20111337730&bidurl=https://www.appopener.com/yt/oa2f72yep&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i8pl7-hAXT6krkmRkNGbnD&adContainerId=brand_safety_xUipZJipIuin9u8Posqo-A4&cbFunctionName=goog_wrapCb_xUipZJipIuin9u8Posqo-A4&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.appopener.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.appopener.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5645705217995911%26output%3Dhtml%26h%3D600%26slotname%3D6552881547%26adk%3D3552395109%26adf%3D2735220127%26pi%3Dt.ma~as.6552881547%26w%3D227%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1688815811%26rafmt%3D1%26format%3D227x600%26url%3Dhttps%253A%252F%252Fwww.appopener.com%252Fyt%252Foa2f72yep%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1688815811428%26bpp%3D1%26bdt%3D1223%26idt%3D1%26shv%3Dr20230705%26mjsv%3Dm202306290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D5a631f4aafc70d22-2213c3adb2b40037%253AT%253D1688815811%253ART%253D1688815811%253AS%253DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q%26gpic%3DUID%253D00000c38a7b74a87%253AT%253D1688815811%253ART%253D1688815811%253AS%253DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q%26prev_fmts%3D0x0%252C1200x280%26nras%3D1%26correlator%3D6883907483760%26frm%3D20%26pv%3D1%26ga_vid%3D971080236.1688815810%26ga_sid%3D1688815811%26ga_hid%3D614847232%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D87%26ady%3D0%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759842%252C44759875%252C42532316%252C44788441%252C31075885%26oid%3D2%26pvsid%3D3863357890557807%26tmod%3D1934160056%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DiZ9PbHMfko%26p%3Dhttps%253A%2F%2Fwww.appopener.com%26dtd%3D7&adsafe_type=bed&adsafe_jsinfo=,id:43ca3155-c051-ae1c-2df1-d20c0636f619,c:hM4zWC,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b6dfd5f7-cxgcx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tJpV2Vx+11%7C12%7C131%7C132%7C141*.1475223-71249285%7C1411%7C1412%7C1413%7C1511%7C1512%7C1513%7C161,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:31,oid:ce27e8e1-1d82-11ee-a23c-1ed863d51d2e,v:19.8.425,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

175 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request oa2f72yep Show response
www.appopener.com/yt/
Redirect Chain

https://appopener.com/yt/oa2f72yep
https://www.appopener.com/yt/oa2f72yep

6 KB
3 KB

147ms
45ms

Document
text/html

76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f3dc495f120c7061acdfe18e280b9e514e778eee9acf8874beec79d15a49c50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2600188
cache-control: s-maxage=0
content-disposition: inline; filename="index.html"
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 08 Jul 2023 11:30:10 GMT
etag: W/"57088241d183ec58e390575a2f7fe1b8"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::b9ftw-1688815810175-d859bcf203ce

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Sat, 08 Jul 2023 11:30:10 GMT
location: https://www.appopener.com/yt/oa2f72yep
refresh: 0;url=https://www.appopener.com/yt/oa2f72yep
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: fra1::f892p-1688815810031-421ad142858a

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
83 KB 146ms
56ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P7L1ZVNFSF

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c76523f2e483b8a1a812c43fdd954ca64052ebff296e5e6365b9e8acc4d2a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Jul 2023 11:30:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 177ms
87ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5645705217995911

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f2924abcf6a7d41a69ee5be6730bf978b8211fce681b156a4cd8c0dbe1812c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appopener.com/
Origin: https://www.appopener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48733
x-xss-protection: 0
server: cafe
etag: 1329610985436081478
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:10 GMT

GET
H2 200 auth.js Show response
otpless.com/ 12 KB
13 KB 718ms
589ms Script
application/javascript 13.249.9.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://otpless.com/auth.js
Requested by: Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-128.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 291b29d3a269b8725f5090b24cd10bc1c750cbe4daa2c73b0fefe258740d6963

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
via: 1.1 d6b30cd44d0926586624a3163e9a9e9a.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jul 2023 10:19:08 GMT
server: AmazonS3
x-amz-request-id: NS068WRJMZKQQJR5
x-amz-cf-pop: CDG53-C1
etag: "fc780b25430d9dbd81da64b4e7d8ddcc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 12598
x-amz-id-2: OOpa4wXuFJKxIu1xDu7PsrgadiZv/S62FP+swNOG9x+vA7csGw8Cv/uBELQxYEvHg03jqGiz4Us=
x-amz-cf-id: HnEcOYxdARooQpmrIiYnbsz0sCj8oX49dY6EawGNGIRFA3YSwPCzEg==

GET
H2 200 8.0910520a.chunk.css
www.appopener.com/static/css/ 163 KB
26 KB 47ms
46ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/static/css/8.0910520a.chunk.css

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2cd1b908881c4c36a5f30c066061598036c4f4391e77f649fd74f752d133f9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/yt/oa2f72yep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:10 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::j4lfl-1688815810226-bb0eef8d9bf4
age: 63550
etag: W/"481ba9f0d38f16f867b42d01062a6c9e"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="8.0910520a.chunk.css"

GET
H2 200 main.0266d9e2.chunk.css
www.appopener.com/static/css/ 1 KB
743 B 45ms
44ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/static/css/main.0266d9e2.chunk.css

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

492d439aeb0d5cc4ae9a2dd15257cb489d9d77a561e8ca2d8e947512a16ae421

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/yt/oa2f72yep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:10 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::rxn9n-1688815810226-2354efb476cf
age: 3360183
etag: W/"9efd0bc753855682ddfd296593939a60"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.0266d9e2.chunk.css"

GET
H2 200 ezoic.js Show response
go.ezoic.net/ezoic/ 12 KB
4 KB 160ms
39ms Script
application/javascript 2600:9000:225b:f800:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/ezoic/ezoic.js
Requested by: Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:f800:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e2977d08a3c9c3534ad6e4131ad9677797d6d9462e727faeb65a251c8ed5f275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 09 May 2023 01:33:01 GMT
content-encoding: gzip
via: 1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 5219829
x-cache: Hit from cloudfront
last-modified: Wed, 03 May 2023 17:04:23 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "3090-5facd0c2bf3c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: mPMAVlydiIig-R-0A1h3hkNupU0bPiZpeZyIrj7BqHa-qFuKNGAWPQ==
expires: Wed, 08 May 2024 01:33:01 GMT

GET
H2 200 8.18146037.chunk.js Show response
www.appopener.com/static/js/ 157 KB
52 KB 81ms
80ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/static/js/8.18146037.chunk.js

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f8ce100e2132df55ad8e9fc5ba137fcff18d94f9043502618431e1d9889ecaa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/yt/oa2f72yep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:10 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::mk87r-1688815810260-2139bf396cfd
age: 3319872
etag: W/"8b75fed51f8a2db92e655be490941e3b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="8.18146037.chunk.js"

GET
H2 200 main.d1d5a70b.chunk.js Show response
www.appopener.com/static/js/ 2 KB
783 B 45ms
44ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/static/js/main.d1d5a70b.chunk.js

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

06584179213ea118374e6d0594f1943e1ec68df0e2f32ec96cdd61f79ab4d575

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/yt/oa2f72yep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:10 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::b9ftw-1688815810226-0caf25f752c5
age: 3357358
etag: W/"f6f14302851c00cc85d09cc72ee41678"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.d1d5a70b.chunk.js"

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 136ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P7L1ZVNFSF&gtm=45je3750&_p=614847232&cid=971080236.1688815810&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688815810&sct=1&seg=0&dl=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P7L1ZVNFSF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.appopener.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 344 KB
118 KB 183ms
102ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5645705217995911&plah=www.appopener.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5645705217995911

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a58b32f70180e530dea9b5fe4be61c1dd587f775d6ca687f43c706feff870b42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121034
x-xss-protection: 0
server: cafe
etag: 14123074530701739096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/ Frame 3829 10 KB
5 KB 129ms
40ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230705/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5645705217995911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appopener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 20:09:44 GMT
etag: 12368291122986407432
expires: Fri, 21 Jul 2023 20:09:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
603 B 139ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.appopener.com&callback=_gfp_s_&client=ca-pub-5645705217995911

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5645705217995911&plah=www.appopener.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13c34d9b94c98de8770dc7335f2a72719556882cb2d2513882884dbecd595f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 167ms
49ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.appopener.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F666 100 KB
29 KB 735ms
735ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&adk=1812271804&adf=3025194257&lmt=1688815810&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815810475&bpp=458&bdt=270&idt=459&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6883907483760&frm=20&pv=2&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=478

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c949d7d3d0ef76a5b1f708ea41fc3849c76b6ab4782e1d07eb81b7ebb89856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appopener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30019
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:30:11 GMT
expires: Sat, 08 Jul 2023 11:30:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 648F 110 KB
38 KB 611ms
608ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=280&slotname=9492391764&adk=3497407662&adf=1573534164&pi=t.ma~as.9492391764&w=1200&fwrn=4&fwrnh=100&lmt=1688815810&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815810957&bpp=2&bdt=752&idt=2&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RF2loUTUyL&p=https%3A//www.appopener.com&dtd=10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e4a36ca2a4906da1df3a9e76673e165340ef29f119e4396106add36ff3f80b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appopener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38249
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:30:11 GMT
expires: Sat, 08 Jul 2023 11:30:11 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 520 / Show response
g.ezoic.net/ 259 B
734 B 360ms
258ms XHR
text/html 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/?ezjsu=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/ezoic/ezoic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 548b3e4d3542b45ab7ec864aa5163ba6f8913f77928372f8488192e71c332620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: br
x-sol: blank
x-middleton-response: 525
content-length: 183
response: 525
server: Apache/2.4.39 (Ubuntu)
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.appopener.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: X-PINGOTHER
expires: Fri, 07 Jul 2023 11:30:11 GMT

GET
H2 200 0.1e321fb1.chunk.js Show response
www.appopener.com/static/js/ 46 KB
16 KB 53ms
50ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/static/js/0.1e321fb1.chunk.js

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

12321b9701eabdfbe8bae72b22a0e2a99252e478089d8f76cbb28f690f42b731

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/yt/oa2f72yep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::fzkh5-1688815811015-3cd5914ce28a
age: 3358641
etag: W/"22bc26a7f333738ba0eda385b1b7e726"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="0.1e321fb1.chunk.js"

GET
H2 200 2.36213080.chunk.css
www.appopener.com/static/css/ 22 KB
6 KB 50ms
48ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/static/css/2.36213080.chunk.css

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5f080724ed37598119610e9402e3573c0cc0bd4e7f49a00339ea74d2ab699715

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/yt/oa2f72yep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::j4lfl-1688815811015-cd870c349353
age: 3377797
etag: W/"bee93423e6f04f950c21bf13835359a0"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="2.36213080.chunk.css"

GET
H2 200 2.af0c18c3.chunk.js Show response
www.appopener.com/static/js/ 8 KB
3 KB 52ms
50ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/static/js/2.af0c18c3.chunk.js

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2528f1592bd47881f4808eb2b6c7ba02009c06369e9857c9cc18885ee25809b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/yt/oa2f72yep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::kh7ks-1688815811015-8de145e8d12c
age: 3361649
etag: W/"63d86218124b258f66f00e59d461bc3e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="2.af0c18c3.chunk.js"

GET
H2 200 10.4caba78f.chunk.css
www.appopener.com/static/css/ 1 KB
716 B 51ms
49ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/static/css/10.4caba78f.chunk.css

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

87c06811f18508d924fc1a2476ead130e981811864f2f0bab5014f87ac67f92d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/yt/oa2f72yep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::nhgcf-1688815811015-fa9e2e6d03ad
age: 3308047
etag: W/"e1d79765e7eaca1fbb0f499db1fc696f"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="10.4caba78f.chunk.css"

GET
H2 200 10.b4e2932b.chunk.js Show response
www.appopener.com/static/js/ 4 KB
2 KB 64ms
62ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.appopener.com/static/js/10.b4e2932b.chunk.js

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fcfab59e797148634c9c43e3112465d91899611c270e3c5acf3617802262260c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/yt/oa2f72yep
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::qjqlc-1688815811015-c9c1cb28505d
age: 3378769
etag: W/"6995431da2e1f4e1baf64d3b7ad27adc"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="10.b4e2932b.chunk.js"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
50 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MMFQKV4

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e0fb52d8bc58008649160c6f8fd15a2166d1a0f688375d6cdd14ff4c8711fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51529
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Jul 2023 11:30:11 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 139ms
49ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/static/css/2.36213080.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2bc6af15a42a7b6dd655abcc81821c3f0dd47f42aa391cfbf4aa8827ea970b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 11:30:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 11:30:11 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
572 B 141ms
51ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;700;800&display=swap

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/static/css/2.36213080.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f15c287012fc8c06cab5ffaa25399983e76937ba636af45083f3edab7739417d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 11:30:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 11:30:11 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
711 B 141ms
51ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@300;400&display=swap

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/static/css/2.36213080.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18606380b7adcfaa93f3ae7e4675a05147b5e160f131ce8216df9f4c0ea55541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 11:30:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 11:30:11 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
768 B 149ms
59ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat+Alternates:wght@400;600;700;900&display=swap

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/static/css/2.36213080.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e28ccc91175311ddc6f472112f17acbb82692a7f383cf68fe40eed8a4522d7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 11:30:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 11:30:11 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
589 B 146ms
57ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/static/css/10.4caba78f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04f16191ed39ab91aa0ac52a6cca338d1649f6abab32bd94aa1ed7592bc80ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 11:06:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 11:30:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMFQKV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jul 2023 11:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1534
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 08 Jul 2023 13:04:37 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 182ms
92ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.appopener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 18:19:00 GMT
x-content-type-options: nosniff
age: 234671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:00 GMT

OPTIONS
H2 204 oa2f72yep
app-opener-api.onrender.com/goto/yt/ Frame 0
0 351ms
236ms Preflight 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to

Full URL: https://app-opener-api.onrender.com/goto/yt/oa2f72yep
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.appopener.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e37fe650aa79158-FRA
date: Sat, 08 Jul 2023 11:30:11 GMT
server: cloudflare
vary: Access-Control-Request-Headers, Accept-Encoding
x-powered-by: Express
x-render-origin-server: Render

POST
H2 200 oa2f72yep Show response
app-opener-api.onrender.com/goto/yt/ 167 B
477 B 1192ms
1191ms XHR
application/json 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to

Full URL: https://app-opener-api.onrender.com/goto/yt/oa2f72yep
Requested by: Host: www.appopener.com
URL: https://www.appopener.com/static/js/0.1e321fb1.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.24.57.253 , Sweden, ASN397273 (RENDER, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: de457d95cd3160c1e897470a21e96fb3b450adf6120e4dc87e1905b6620f9661

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.appopener.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Jul 2023 11:30:12 GMT
x-render-origin-server: Render
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"a7-sG7wZe62YO831X8Iplt23UOE+k8"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7e37fe667c6b9158-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 88ms
50ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.appopener.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 19:43:26 GMT
x-content-type-options: nosniff
age: 575205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 19:43:26 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 47ms
47ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=614847232&t=pageview&_s=1&dl=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&ul=en-us&de=UTF-8&dt=AppOpener.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1191704153&gjid=2012618820&cid=971080236.1688815810&tid=UA-209168136-3&_gid=438133774.1688815811&_r=1&_slc=1&gtm=45He3750n81MMFQKV4&z=1526836007

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appopener.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.appopener.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 153ms
49ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-209168136-3&cid=971080236.1688815810&jid=1191704153&gjid=2012618820&_gid=438133774.1688815811&_u=YADAAEAAAAAAACAAI~&z=819149824

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.appopener.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 08 Jul 2023 11:30:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.appopener.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gc.php Show response
g.ezoic.net/ezoic/ 2 B
200 B 45ms
45ms XHR
text/html 2a05:d014:776:a63e:931e:6ac2:944b:f27e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezoic/gc.php
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/ezoic/ezoic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
server: Apache/2.4.39 (Ubuntu)
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html
access-control-allow-origin: https://www.appopener.com
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
x-robots-tag: noindex
access-control-allow-headers: X-PINGOTHER
content-length: 2
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 52ms
49ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.appopener.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91B3 25 KB
10 KB 1915ms
1913ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1966dd5073c939fa8da3dd73ac944ba9baf5c7a17876785c51c8d517fd6cacc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appopener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10123
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:30:13 GMT
expires: Sat, 08 Jul 2023 11:30:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C37D 25 KB
10 KB 1238ms
1235ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f584b7cca7a794aae766ee02fbe80342614f4ac64635abc7f830896c8fd3850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appopener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10143
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:30:12 GMT
expires: Sat, 08 Jul 2023 11:30:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 142ms
53ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-209168136-3&cid=971080236.1688815810&jid=1191704153&_u=YADAAEAAAAAAACAAI~&z=253350288

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 154ms
66ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-209168136-3&cid=971080236.1688815810&jid=1191704153&_u=YADAAEAAAAAAACAAI~&z=253350288

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 90cda0d4b2e9798013d5ae8e8588fe0b.js Show response
www.gstatic.com/mysidia/ Frame 648F 9 KB
4 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=280&slotname=9492391764&adk=3497407662&adf=1573534164&pi=t.ma~as.9492391764&w=1200&fwrn=4&fwrnh=100&lmt=1688815810&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815810957&bpp=2&bdt=752&idt=2&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RF2loUTUyL&p=https%3A//www.appopener.com&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 23:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3972
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 01 Oct 2023 23:17:17 GMT

GET
H2 200 369d21e23798e41a4bd263e83a9ef671.js Show response
www.gstatic.com/mysidia/ Frame 648F 10 KB
4 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/369d21e23798e41a4bd263e83a9ef671.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4215
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 16:59:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:38:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 648F 14 KB
1 KB 50ms
49ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 10:07:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 11:30:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 648F 2 KB
973 B 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 648F 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:18:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 648F 3 KB
1 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 10:54:23 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 648F 20 KB
9 KB 141ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 648F 179 KB
57 KB 160ms
56ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:11 GMT

GET
H2 200 5f03bef6f00b7a8cf9d43233a2aa7e67.js Show response
www.gstatic.com/mysidia/ Frame 648F 33 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5f03bef6f00b7a8cf9d43233a2aa7e67.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 19:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 19:38:10 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 154 KB
52 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e8ae888ecb9bdc3144eba768780ad741476aa4c6fecdd40b4e9d42c4f3c81db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53429
x-xss-protection: 0
server: cafe
etag: 13407189928002656229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4670 143 B
166 B 41ms
40ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=280&slotname=9492391764&adk=3497407662&adf=1573534164&pi=t.ma~as.9492391764&w=1200&fwrn=4&fwrnh=100&lmt=1688815810&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815810957&bpp=2&bdt=752&idt=2&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RF2loUTUyL&p=https%3A//www.appopener.com&dtd=10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 648F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 856bf36e3d42cf8a25bafbabf4a8be2bb2227d23fcfd9b9c3e4061d622450db4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4670
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
62ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:30:11 GMT
expires: Sat, 08 Jul 2023 11:30:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:30:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 54ms
50ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.appopener.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/ Frame 26E6 10 KB
4 KB 48ms
44ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appopener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 04:21:06 GMT
etag: 12368291122986407432
expires: Sat, 22 Jul 2023 04:21:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 648F 33 KB
33 KB 49ms
38ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 318054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 19:09:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 26E6 23 KB
9 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:18:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 26E6 8 KB
750 B 56ms
55ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Jul 2023 11:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jul 2023 10:33:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Jul 2023 11:30:12 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 26E6 15 KB
3 KB 152ms
41ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 18:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 18:51:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 26E6 371 KB
127 KB 153ms
42ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 10:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 10:39:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 26E6 20 KB
8 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 648F 0
23 B 85ms
85ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ8Wnw0ipZPNeqYjV8A_83b3wCcC3laZxyu7-peoR-ISX3UIQASCPlPaXAWCVivyBlAegAY6XhIgDyAEBqAMByAPDBKoE2AFP0PjUD3SGHnGesXOWUmQ_o51TE07JQmGzu0Pl38bsQsJLhG6MVittbDtFclZCddaEJQKe9ab0m2deWPiYRIFtI_yJkw0KJHAqdIr7hJOOeCIHigjFwE8Ub63T6hLLTUKOqnVcwl8HUobrQHzGqilo83I-bbrTgESZI0X3THY1nS8-ZUNUgUTWJ-qM7Bi04IOrrX1mOr73pu-8mmVVfZnFO1HiV4PTRtfBtl1hl3PLgCjRZAI2wsz42Q8Xd9JooMhEWv0EF17GUAdLWIaKakeVrmtSsanQHdDABMXt4MGvBJIFBAgEGAGSBQQIBRgEoAZmgAfa6Pt3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ0dgV0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01NjQ1NzA1MjE3OTk1OTExGAA&sigh=UVotA9eio08&uach_m=[UACH]&cid=CAQSGwBpAlJWhFFiVJTtFiqOZ8wObFuET6jtRA0BiRgB&cbvp=2&vis=1

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=280&slotname=9492391764&adk=3497407662&adf=1573534164&pi=t.ma~as.9492391764&w=1200&fwrn=4&fwrnh=100&lmt=1688815810&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815810957&bpp=2&bdt=752&idt=2&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RF2loUTUyL&p=https%3A//www.appopener.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 11:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Jul 2023 11:30:12 GMT

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 1551 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 06:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 06:25:48 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 26E6 0
234 B 234ms
56ms Ping
image/gif 2a00:1450:4009:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljtxbwmb&c=3251888513429&slotId=1625944256714.5&qqid=CP_yiJSB__8CFfwcigMdqyIDlw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:818::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 26E6 15 KB
16 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 584757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:04:15 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 26E6 15 KB
15 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 28785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26E6 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CrQATw0ipZL-FA_y5qMwPq8WMuAnM3Ozpb6bitYOyEMCNtwEQASCPlPaXAWCVivyBlAegAfeb7eAoyAEFqAMByAObBKoE-AFP0EclfaIGD-cRSNM677JaERV3Lyubb9WzoIgztJklJY0S_0Cjc0WjJr19BMn9E1t10mWmv51T6MmX7yzQfzKMqu-lDLHa9YSJgb3653r1FdJSO4eyza0r0B9bzPq6HGIV7UCLPCASaeVMb-y7e1tH93V_-t9snjKMlEzq9KfuG7a_0iVwVkuHXIaD_4hM21VooYHVhSuW_GIyGbbZtGMWeHBRKeAoi50hv-9zzHZoFWxcatVDrcapbQJ55emZRLmMzzmXfGsGp9pTLmo7ZXEtQZz0fXzzTK9c754F-occh7DJz0j14CjCcUNYLsEutrhxSwosFeiUe8AEv4f78IIE4AQDkAYBoAZ2gAf3073AA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBO2pP0T0BMA2BMNiBQG2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1688815812331&ai=CrQATw0ipZL-FA_y5qMwPq8WMuAnM3Ozpb6bitYOyEMCNtwEQASCPlPaXAWCVivyBlAegAfeb7eAoyAEFqAMByAObBKoE-AFP0EclfaIGD-cRSNM677JaERV3Lyubb9WzoIgztJklJY0S_0Cjc0WjJr19BMn9E1t10mWmv51T6MmX7yzQfzKMqu-lDLHa9YSJgb3653r1FdJSO4eyza0r0B9bzPq6HGIV7UCLPCASaeVMb-y7e1tH93V_-t9snjKMlEzq9KfuG7a_0iVwVkuHXIaD_4hM21VooYHVhSuW_GIyGbbZtGMWeHBRKeAoi50hv-9zzHZoFWxcatVDrcapbQJ55emZRLmMzzmXfGsGp9pTLmo7ZXEtQZz0fXzzTK9c754F-occh7DJz0j14CjCcUNYLsEutrhxSwosFeiUe8AEv4f78IIE4AQDkAYBoAZ2gAf3073AA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBO2pP0T0BMA2BMNiBQG2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 26E6 0
54 B 217ms
57ms Ping
image/gif 2a00:1450:4009:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljtxbwmk&c=3251888513429&slotId=1625944256714.5&qqid=CP_yiJSB__8CFfwcigMdqyIDlw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.12p&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:818::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 26E6 28 KB
17 KB 330ms
172ms XHR
text/xml 74.125.206.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BTuJ7h3Y8scq0XVPg2GX782QOgfKtkp2xDPS3UaC6iUvDUwFioXVyC2OkmFqOMaWILZ4yFEBuMpsDSF_vtnV-mywozBQ&cry=1&dbm_d=AKAmf-D7d50vQQaW19kOPuJC7x_eIwXerCFSag34wAVHTDBbF9KL2AZq0H7vunYSO9AQWAZX6mgz7k-iHf4zY52WxQP_vyk7CVcQ7MtK_edwt3lQ5JZm-CZyem3cHk_vDLTr7AZ9MTCgNxsJoWqAjBTWKr4Z3lGoorEddgGSX-UuKNMIHp7ZycqcxNFX878EnwP9j5tXTWqmpZi9h12qQcfG4BdR0TLrb4YsxrAZEXqqUZpHarDIul_B2rdT8KutarDnDm5mgkzG1xWq1XfEu2DejxW3wUt2oaIMawaE3tW1jhIwWevHXoamWWyz57qWBip5WileBjto4LFhP7obhLgHP6c7JYqb36roN-QJv6WCZQxRObzjC3gbjWrsOblH4vJlrlZHvMkl6zAJogY8F-_l_ZR7DFV__GPh7iF1mUpR1JQF5afByL0_LodNcPQ_sIEjDMmOeGJ2gV9ZSpMArVugf8atHQ-4YAfcDTt9izd2REdXQCztdudPPykwWZ-Itf2ld7Z7XN4IftlVY6SJ5s3uS-n0PXgUx3KVwVRAWCU29Q9ldPdHH2LRK1eFSOL50fMru6mhSl3kSJu5gpQQNzblsv8BNUgYu3S6lZ8MGg-TaUR8XdrPP1SLRSjFlVxDktihgNsy_hQ1qQr7pZ5_8OH6FI_PLIAds7ME0k05u1rOQwjNuKJNMv0tZv5BXhfYZ8941k41XhDt1xF5L69nRNh3nlHKVUEWloEvxMLcHDNJ62AYRLdIGp13q0p-cKBaex5PKlTjtYOSYRSqrc5ZN1UmIq0ODgz-EHmfh-OitZLXVqw5SawWgk3sPUaP1fCzYYVp_KDEDm45mhNFfVJjd3pxWkGl-q_jSq9TliBHFPSip7e9PdAKMNyWsktNA89kBdOucnQ4fW5M6YvnFhh1MJw2Jci1k3DxpbdVS6MCLuOuQgVnhFUgWXSIOuqk5pY_SUqR5vYWPK9DvJtHpLpoVHMvdE8OTpUgZUrO3Ge9iDsSBCldfrd9ZmzdbzrWn2HETPcDmeJLNSiHZfg0LhKLrK4iFKn-OtejNP8Ycx-kXnsvnKi3BQID_wfW6WKOFbgiGJBsrBPlUeaEcaN5zVfsv6GsDHK-XC1uFpFchBqZ4tscek4FUwTHc2lBqsz5q1yFYibvwChJ_F2wYrD9n7x5qOWbnwfNakbeZPerN_nwLzR_TwK5X5IOuLxY0tgs9Ocld2mXw0Pqx0ChGHDi5CHUlMTH18j1_lVRxvLLguLlpvziNiox1Wk1a2YRQzQ1zdyDU7IT8Jk0QMz2gcsaI77JWW4dudeBZt35_emIsQ68iZtdPsnSXXX4TNYDzldx3-4S9TdyIQkuAEa3PjLdBCU-FePxd5APueP14tnfWflzPLiFzeHj7C6vRs5mnsxo3ViiMXluTjYPfO8Hft2tFonPuDsWLu1dA3wqrp-e_8yrfOjN9rLMrUwsGw1GnMNFu9yb6XwAaNERDMvKwNsQvdAyfyD4u162LI77cQNdwORpIaNHBXckH2clWD2d3BL85xkjLEvO9HGKs3o4gWQ4H8arapTpa0SUcZCDJT7FekOX7SunpWE0pmMa44c5VmZPbEJABsgJWjhNf-OOkXPiyA-BhtspusI-0SX3CtWgiDc226E_3tPaJL1Jso0T3VdkGO2L2_hkgQf_6BNcLZFYU1oezP35E_ePKPIfQf9q6E5gClfoBlg-WjAV8GoH7RLzXqdMO35ous8wwfsv_GTiEBO12ygaloG5HO3u_J76ieuXYXfwYXXyoeY6-u42yulfN7oBhZKqZ3UHreLCQw8pN6-iYw7EirB0plFTB8w9FyBf-eOD1mXhJNVfeXm6q6f3QcJR7wqUVhLeMpORN0K1nwVQbHh4FcCGqkNL4zIp183FLeHXbXG25J3PbJI7jySwWiwqgR59ihio3uOXMclAlVB4mhChcFfFYxHK9vdiBgWfnjBTEdVi0SZNeKKRDJnPOgolCdm7SvFRhmB-lGkYC3tZWyNQa6UAaMDqG7461YYb2o9Y9CuHa733PUwzMH_L6LxaYyxOLjdB5s8lfeYiVuCuDZstI3PCt49gKiReH3Q-RMiWTP0tSqovniVts2bR64yjbmo9H_AaYYyspXIUaQbtAtet3MFN38PW7h-n5ZkY-a_6eQX8s8YGOcyMtWv-19h6JvhbJGHMSGDyTAhQwS-jn40vAA9yZwwVQX6RC_ee1fEvMU2yKykrMovb-ibXs4jimRjO8a5psqhMLsMxqWatzhXKymtZlbvXZIn0AS9PSCF1PxllJtZssO0jnu7W6ozuk9kxes8raTHKc7KeHwLe-iTOsu28D3PgnGno14e_V0alEz9IXhLzR2IK7PES0ha_43IcKMuGkBYp7vB6i3qVYt9UfdM33Tar7j37lG1IhQo6sqWp4C0Ij78ODfvLpKI0Gbb9MFpxI615FL9HHmjDadAcyszrmarTj0oSsn41ATT660sKHhXTBgT1ohcrT5TP2u9Syv2JgGb3NUwDzPlGEiKSdh7FUDVQ5vr8GCONuUlNAsJwbe4iFheOlqDXfQplsUwJ__tR3nQ8AeFh_MEgK5yWzUQyuhsaQE1yV2zZlgqD9J4OLHno5-RWNeo-EeYpZQ9lGWO172IQUP2jafpulOZ7jjkQcl94TQ1s4gHIbgj9S4Go3reVv9vtshranANUL2iMdPaPbtAupQoX5eXs6csNt98l0llhD3NrdlhcGcnRwYII8A_rDhsL6OgdVxqNfRVz-c3Hww5L-btjdW3m_1cBQvu59wdQ4hPAOo2V7-0MbezYaIisPUb696uuON-gpoDpbyQNcyUxIA74apxN7geEsTb4pHfvSy23qBNQ3Dddct-9H4FpZTFfjEHbMNp77PdA2CkLhphIfJ2pEjr0ytXFxl4qLmtxFnj09M2YdhfMmUBuYslw7S_JYaQV3vuXE9Isn3rWQ0ejt0LMaTim1hPVpDaePfgwAsAlsPdUbNlejFZhO40pw9ODbryh0dfB88FRorAk41Ljx6fgKkKUCP0sunZ8S2yuYmFNL3XkPgkegFnZlam1X0QPH_GK9S1198U8S9wj-GrxGij6rZjpsgKzLu2WUyHyY_KwdQ7qn7mt5HyQ2zJCwTcoLjB5FlRKjaGRH4d77Lyvndys7YZtuRFFXhCh_6utdXnFNAdadkKF-EwV_iBPp9c047as4s77dx7tmwtCJ8Q9-eKnnOdwWezG52htdjZMHxZ51OtP8RbMOniI9Kbpc5vMtzaCU9x9aAAR8kiPR0vuF1cL_YKueavd9jgf7v-7uCuqbmZRZSG9mMf9jZDRh6Mi2RzHEeCtuUtsoLS0nBXvuW-RfMtFLU2cFnja4xppkEJC2sIVDvgVmlXPeRXOw69h35Tp7PFRViGKcQmnmRHTLEtwLMKCEPrOTBZE0Kb8Xejrk4qWAolCIzi_8aT5WQI&cid=CAQSGwBpAlJWtNMKt2JIcQTBt2IjP5pRe6G4wqPaExgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f154.1e100.net

Software

cafe /

Resource Hash

919d1b4e3ccac45d8fe13f9baa9205f82384856e6e1a469c803d216edea245ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16393
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 26E6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fab9ddc37140b5c1b8e627c18d7a5f42edd758ebb50afbe819bdec9441f2fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 26E6 0
19 B 78ms
77ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw8qTw0ipZL-FA_y5qMwPq8WMuAnM3Ozpb6bitYOyEMCNtwEQASCPlPaXAWCVivyBlAegAfeb7eAoyAEFqAMBqgT1AU_QRyV9ogYP5xFI0zrvsloRFXcvK5tv1bOgiDO0mSUljRL_QKNzRaMmvX0Eyf0TW3XSZaa_nVPoyZfvLNB_Moyq76UMsdr1hImBvfrnevUV0lI7h7LNrSvQH1vM-rocYhXtQIs8IBJp5Uxv7Lt7W0f3dX_632yeMoyUTOr0p-4btr_SJXBWS4dchoP_iEzbVWihgdWFK5b8YjIZttm0YxZ4cFEp4CiLnSG_73PMdmgVbFxq1RusPPtlYKHXe0iBdecm9Z2V0VpzYDGo4RPl0g1klnB0VevACM_HHqxeqzKfAjttFCF4xuhdW4veFUVfgdaU72aWwAS_h_vwggTgBAOIBYiJ5pNCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAf3073AA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEOWJKRj_gLHPAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGwE7ak_RPIE_aY6-AD0BMA2BMNiBQG2BQB0BUBgBcBshccChoIABIUcHViLTU2NDU3MDUyMTc5OTU5MTEYAA&sigh=B1mufOc3koI&uach_m=[UACH]&cid=CAQSGwBpAlJWtNMKt2JIcQTBt2IjP5pRe6G4wqPaExgB&vt=10&cbvp=2&vis=1

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 11:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 26E6 0
54 B 57ms
56ms Ping
image/gif 2a00:1450:4009:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljtxbwn2&c=3251888513429&slotId=1625944256714.5&qqid=CP_yiJSB__8CFfwcigMdqyIDlw&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:818::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 26E6 41 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 17:15:18 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/39af86965829d928/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720351812/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 26E6
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/39af86965829d928/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720351812/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/39af86965829d928/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720351812/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

204ms
40ms

Fetch
video/mp4

2a00:1450:4001:10::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/39af86965829d928/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720351812/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1E78601F6117B641B4D0058FF646F766379F6B4E.1795E2C125F3B90E518085AE3569AAC410590C06/key/cms1/cms_redirect/yes/mh/OT/mip/2a01:4a0:1338:92::9/mm/42/mn/sn-4g5lznes/ms/onc/mt/1688815075/mv/u/mvi/4/pl/36/file/file.mp4

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

HTTP/1.1

Server

2a00:1450:4001:10::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 08 Jul 2023 11:30:13 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3622039
Last-Modified: Fri, 15 Jul 2022 17:18:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 08 Jul 2023 11:30:13 GMT

Redirect headers

date: Sat, 08 Jul 2023 11:30:12 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/39af86965829d928/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720351812/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1E78601F6117B641B4D0058FF646F766379F6B4E.1795E2C125F3B90E518085AE3569AAC410590C06/key/cms1/cms_redirect/yes/mh/OT/mip/2a01:4a0:1338:92::9/mm/42/mn/sn-4g5lznes/ms/onc/mt/1688815075/mv/u/mvi/4/pl/36/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 26E6 0
54 B 58ms
57ms Ping
image/gif 2a00:1450:4009:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ljtxbwwq&c=3251888513429&slotId=1625944256714.5&qqid=CP_yiJSB__8CFfwcigMdqyIDlw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=878&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1cj~videopreviewvisible.1co&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:818::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7ED0 624 B
245 B 85ms
83ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXNQreqKpel4ouwnVcO1T5HyMDfLBP-BlZAKqK8V0hLoHvW731jnnCdU10LR4L-5Cr_70QEvV8pSsEWilO6F3UeDSw4ygwz3DggwsrwN3h4aJvEgTY2V1p3L2Kv8dbWQ_frHVsvq_gPlxr23k2Fv09vVsUqi9B2gyssN0s7VmD7rELJkJ8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:30:12 GMT
expires: Sat, 08 Jul 2023 11:30:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 20DB 78 KB
27 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 20DB 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 10:54:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 20DB 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20DB 179 KB
56 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20DB 42 B
63 B 78ms
77ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CoyR04SI2wrZ55osrhQm2EnLMxkbhJRjGl7d1W7Zp_SlK3JIbUMja77jw7hncTNS9fxoQI0hvDZvmd2khIoiB_vm0ukwyG5l0KfxvR0u-xgyS9gso

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20DB 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2034843905626090477&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 1ADE 23 KB
8 KB 48ms
47ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 230668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 19:25:44 GMT
expires: Thu, 04 Jul 2024 19:25:44 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
43ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=614847232&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&ul=en-us&de=UTF-8&dt=AppOpener.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Normal%20Click&ea=Continue%20to%20the%20Link&el=https%3A%2F%2Fyoutu.be%2FFbxoFE56Fto&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=971080236.1688815810&tid=UA-209168136-3&_gid=438133774.1688815811&gtm=45He3750n81MMFQKV4&z=997355188

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 21:21:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50895
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7ED0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1&C=1

43 B
632 B

80ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXNQreqKpel4ouwnVcO1T5HyMDfLBP-BlZAKqK8V0hLoHvW731jnnCdU10LR4L-5Cr_70QEvV8pSsEWilO6F3UeDSw4ygwz3DggwsrwN3h4aJvEgTY2V1p3L2Kv8dbWQ_frHVsvq_gPlxr23k2Fv09vVsUqi9B2gyssN0s7VmD7rELJkJ8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 11:30:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 11:30:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7ED0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKlIxPYQq2JBVcKUJ6NGQAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1

43 B
632 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXNQreqKpel4ouwnVcO1T5HyMDfLBP-BlZAKqK8V0hLoHvW731jnnCdU10LR4L-5Cr_70QEvV8pSsEWilO6F3UeDSw4ygwz3DggwsrwN3h4aJvEgTY2V1p3L2Kv8dbWQ_frHVsvq_gPlxr23k2Fv09vVsUqi9B2gyssN0s7VmD7rELJkJ8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Jul 2023 11:30:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoGphEsny3UUcdg5XrOa08&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 7ED0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAsew21YIFQRwgjuxwV-j3s&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAsew21YIFQRwgjuxwV-j3s%26google_cver%3D1

43 B
891 B

68ms
68ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAsew21YIFQRwgjuxwV-j3s%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXNQreqKpel4ouwnVcO1T5HyMDfLBP-BlZAKqK8V0hLoHvW731jnnCdU10LR4L-5Cr_70QEvV8pSsEWilO6F3UeDSw4ygwz3DggwsrwN3h4aJvEgTY2V1p3L2Kv8dbWQ_frHVsvq_gPlxr23k2Fv09vVsUqi9B2gyssN0s7VmD7rELJkJ8

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
an-x-request-uuid: b4b25171-4ab4-4924-9a78-3a762fe26787
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.108; 80.255.7.108; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
an-x-request-uuid: 3e4c76b5-7039-47be-ac63-f0079896601c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAsew21YIFQRwgjuxwV-j3s%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.108; 80.255.7.108; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7ED0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4MDc5NzM5OTMzMDIyODc5MQ%3D%3D

170 B
243 B

64ms
64ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4MDc5NzM5OTMzMDIyODc5MQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
an-x-request-uuid: bc0f5b93-45f9-463b-8628-dc133bc88199
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc4MDc5NzM5OTMzMDIyODc5MQ%3D%3D
x-proxy-origin: 80.255.7.108; 80.255.7.108; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20DB 0
20 B 78ms
78ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8338529967831&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20DB 0
20 B 76ms
75ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8338529967831&version=m202301230201&ct=76&x=1&cor=2034843905626090500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 20DB 104 KB
40 KB 166ms
166ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnmqM_ZQWS-8oUQEQv49gNM6rMoYkvvhTjQwy2xtxy3xX-sNRWkDlt3AUPBtTbjTusdAhuQHdKlvq3NC7SRVofUlXtUjB2iw0Zz2JZGeLEnlw_5ObW3e-nh6CpfZIqUDx-DJiFwB4Kw_FgTan4TPYcEWFtRt1RWMAF2VI-Vt_oC8P36UY&dbm_d=AKAmf-DpWbPB8Gnw8O0rfpQ51rKnbJJcA37bxvY23-cW4fSaCuVp8-nhFiUzY8KqcRwG74WKC5zLbpbGPkB4Q7Ohg89JQbMmI_kvYOW_OVyhQc8y4qwCDiZEjPtF90woqNd9SyfKHN1pS6tqQoBngW9OpeceNKk_TZitfKKl56p1L8s9YqEHQnfAErP2xs4rgC1OgT7wcP5M-Mdx6XI4DedbG9n4N0T5XsrvxNMuQmbvylqi9Xf5MBihejDhA8Hf3cEIaY2RLZsbhW4Bu9Pwz8iiF5qjZN7tnP_wa7tyz-S4eIA-jBP3GJu6TgBhJFKn9alT-4BBMnkFtqZ97cdvJcju-cv9ya4TsGfZPvw1bkdEtDvOrUP1m0lCaNXogJldijP56yNlj5-ukojWlpWkYaQpUSsfacloBfvE7-kixw1IQx7c7qqHt_TOnmsudmbjYZcFVX8bDU8L_NSYKV4yFBCxxjv0ZMTec_oPs1nu2mtRzJi4szcioacHRIbUjfjke3tUKvAQ9v4yFk9DAjGycgqZeDJ9P8gLtDvM_A7mzFNtFG9hD7pEXwviAPDjPv0zwK9u7kv3PIk-kqqAg4A7e2UT7Bg-_o5dkrC7CFo0FZjO5mA_feMEDCjg_QvRnuLnHsiMCI0S38PmETv5eLLvKw3eniP4ZDjprKTLbGNnjOgClL-PLmMfjqxtgmG_t82D_0vavFg1Xmhr_S_Gn7guga0W3l24MEaQh0JSle73p28QU1OtrcQoxKQ7MH3jxrIf-MYn4O_HH3AJkxk7fUaAR6YA9KSzPrjenu7awQ5kueK9TDpwt-pRTJGgxLdvZla-A-HFZGTXswU5p4fODGBIanSnddVEqz1SgsndJXKHdL3ORzlgqloG38HW6l_OxQYzxi5-6ZwYRhnoCTxX0kOVLzjwgbHfoJYovuu2s4-FZiOBJPzo9lhLH6G_32lQEmSV-xZAjwHwPpHOGnlCnp7528kLzUjc3cpCFw3O0df4l83VttJyrqMH2yjyXjkFX_IsOh5KLEL_cpn8-15aSA7hwIT1HpMlQVfdY6jg93vD4T60rqr6AJC8wlHdhYRfnLmu3_CGDWLYm2sZk0Xz6SALfwfPGkUhkBoagTSe0TM8K4o3YCjLpWR4GI_v4z0lhRc72olkGTtV95RPAKhXFoJo-jwKEB6--nyaD8hgOT1XD3vOIbGGxVreVV-7DrP7noBrQKrSKMjX9byaiftDrJ5fM2F8xEVvWDWCdCXFEvjxpXG4UFSQCP8Mr-Q87Ti3Dl37TUhxAQqLzmIw8ijw08QYIpZy4yNHpdUjGOKAvrdTUO1-LirLqNtDkDfbtfetIbj166MJtsUgGH9EyKTbj5qsegjRVLV-werd4d1Jo996LqSHKaNPHXPO5B8i8sRR5YrpK1lb9S2PJ22nqVqyk2XM69Hy1njYRJ8e71Y2OrkMnu2T3X1G9tWp9obHm0WehdJQUVID9w64jL7_DvWZ0cpefdE2vQyvWR3paiisWdIRPcrfGgYGtgErAu01DP_dZsqvq5I5xZGqMFTMo6lpMJQI27fmrzFIvQY31aQW124sGwoR315BWXY_8RxR1ccUdzqG1Z9PVpAtHwgzbuMaUmyYUM14L67eY4NUxrw1ZPisGmrxhNlb-VpzQKAlQTqgaXjRGWJ16twr7fipu7hfJJ2U16k20I3Drj4MUeF4X1tau3WvOMGiQXHyyjAko1GxX_Y-x1PDiyDczy7XDC4OvG8GLnhpdd1hYQY2agHinsIoy3i1fej9yNbIiT88c026kGpl0WkTDotBwUavO9zK3J6UnKOtYnYQicetSigehZPgef7y91MN6y8glCsicnaVcrXWXButEngOOckw69R-PmXniVwaEFKD_q4rBJ7vQtDOglWhCGVvalTp2e9Q9ywhh1YNoxzWlDjTzDCIubmU1nuNdcYcNUOLDfs-m33WhKt7IPuI7dqihJe8-MVGUpI55X8BzDxmve_u5VqIsjGJ1lautI0ajP6ibj3PMsytO-6K6AYp8DSi9ntb98LHFJkqAaHmTduDel5H1jOVYYiQrCub75hfV6i6YpQOMgwqiIsJ9j9AtDomWp7QsVQ1ui48eAbtleteo-VgEuSAmZx3wmgQD2NoTx0LWFDtvLWES2ZxYKBF9xtTIckRvrwUH7SZ3hQ_RWW4AkEnBwctJbZXADlmLid0UEjbElq1lBAq4Vo30Rxz75jr5b2QBKLUBQ_sX3nSmIUfEqLBnRmM7y9o-V8ub9tASgUnPRcuF339IFdQt05EOtcv8Gz2NvvvWhA7w6YqxZamFyKL83sxPMGYumNUFmipzJtVU_L-XDOju9VZxfCEq3boAVwJ6z6dVnNUV58BO8SapNfm7ByHO-oa7Vuo29YRUpc7-Zt_VqRVyurW4MgyLgyJMNmpGYYCMIfxu02f9Fmm54m7CYUHF4vLeJqZQxRB2JIUQ4uJsV7JTsX1T7XyfwWvGSiRzUT5LPK2r37RLiso4cmmVkTC5OOD2J4yYtvpam6BgO4ph__yL6rYV9SBdKFjVCJii3epowhcHNvzON_Hf26Vcp1nPVp6K5-v_UnckL5n08ncgkK9uC4Z8xYR76QY_vJaeiY3bs-kNKrxD2fa_KMBDSkkbBjRe8pqSSur5dewQARVGvwUxgrt9MOEG7h_yfIcZHcfMZ_yUUYEnAC_R2HIRP5eIAba8kviCPEufn9UoVggYjEGL63Ux6NiVkfmMHE_Lmx64G0YvgKGVI8nL96LSsEz9gkwFG9g6LZryGzoXSbTiPgn_maUQ_10KQij5-7kQCAG2clsts1w-8MaCFHariP8uixHJD97jVLpYEiDjeNZVSLVs9c54Mx53FpkYwrBubMZ_J2tlTdoYuvtQjP_WS7B0F1AOB7E-b6aP_7Z2q6C-qcpLYAj4mSfSObTmqZJN-KQuRZpfZKwOe_Q5cD7yB7MxHsNdRLtmHzXt886o5Kni_bLTYBtTtDPA259Tsrxe87oz3ay0HR7TxJSz63j6ZLieYm0eax15n15FHMNJZK5MF9XJLz3VDs_H9A6R_K1iluMS4kovLD-Ye3pyW2kFKumWDuA65hfUgX1pja8FlH-g3geouwuZSu2kR6ptdr5ehPhpYAAQN0B7Cj61ZoIN-q_7uPTbk1u2rN12Enf8iTzV6IgbQQSO-DGYnHeY7d8p17ulBtHwWliJx848kQpvMMA7jL7Nw1lX-TQUR7rHKRSqRA0JwhfV2Nk-bFsRG1d0DJ-dRAsDvSSiQPDfNo3JErCGdNDPGEi0vyntVh663vNJleWP_AmF0ZU43JPhZEQYYnskEsAp708RiOVNX3qelFwaULZTbHrBTiL889FEgNus2QC79ngppUl0FwUwYN5a5MqRv6Q8sDObJMngovLliGls8yiRScVnC64X5cy5GLjBfx8JsE-vsxbwI57poA-_TiZ6BdlrBmZtCn3fkC7CBmjEfpMfiiRbFNOITDch1ECqHm7lY-3ME_cmKCb-BDyGQYBeqsVgLqkAZM4pu9wQ43uNdhwBxY3wIHEXUVqT4kNG1AVelHi3D0f4RRE19bdkosT90xFxPaY6MXE4-mjJvrZ2AQ26_f_bzHPnhZDynbGr8lCrxjZLwofBK9G1lnbfmZ9CLV_ae2FJkw_V2VikgyTmjXt2vSHxEuianf_DB7wPA&cid=CAQSSwBpAlJWWswGznP_ZZb3YmAZVPce4H5m3gNzGEdxahBYvw1RBmkAgWjSItyh5Cjk29P3uJ0h7fVibOi8IYlVkfVYj9OpyeUekkZ4FhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.appopener.com%2F&ds=l&xdt=1&iif=1&cor=2034843905626090500&adk=1761367587&idt=138&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

599b855581647efab0543043d5371d41dd06f65389279fcc659efb941ae8fd1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40582
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1ADE 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 09:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jul 2024 09:52:56 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1475223/71249285/ Frame 20DB 245 KB
73 KB 217ms
58ms Script
application/javascript 52.213.224.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1475223/71249285/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-5645705217995911&ias_chanId=1&ias_placementId=20111337730&bidurl=https://www.appopener.com/yt/oa2f72yep&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0icCea2VT_EaV10VSr2MJtw
Requested by: Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.224.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-224-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 82561a6070e70550144c036c6a68dc4fe4c034edad908b6c7620160e4c69b8e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 20DB 111 KB
39 KB 144ms
39ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 10:17:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame 20DB 11 KB
4 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnmqM_ZQWS-8oUQEQv49gNM6rMoYkvvhTjQwy2xtxy3xX-sNRWkDlt3AUPBtTbjTusdAhuQHdKlvq3NC7SRVofUlXtUjB2iw0Zz2JZGeLEnlw_5ObW3e-nh6CpfZIqUDx-DJiFwB4Kw_FgTan4TPYcEWFtRt1RWMAF2VI-Vt_oC8P36UY&dbm_d=AKAmf-DpWbPB8Gnw8O0rfpQ51rKnbJJcA37bxvY23-cW4fSaCuVp8-nhFiUzY8KqcRwG74WKC5zLbpbGPkB4Q7Ohg89JQbMmI_kvYOW_OVyhQc8y4qwCDiZEjPtF90woqNd9SyfKHN1pS6tqQoBngW9OpeceNKk_TZitfKKl56p1L8s9YqEHQnfAErP2xs4rgC1OgT7wcP5M-Mdx6XI4DedbG9n4N0T5XsrvxNMuQmbvylqi9Xf5MBihejDhA8Hf3cEIaY2RLZsbhW4Bu9Pwz8iiF5qjZN7tnP_wa7tyz-S4eIA-jBP3GJu6TgBhJFKn9alT-4BBMnkFtqZ97cdvJcju-cv9ya4TsGfZPvw1bkdEtDvOrUP1m0lCaNXogJldijP56yNlj5-ukojWlpWkYaQpUSsfacloBfvE7-kixw1IQx7c7qqHt_TOnmsudmbjYZcFVX8bDU8L_NSYKV4yFBCxxjv0ZMTec_oPs1nu2mtRzJi4szcioacHRIbUjfjke3tUKvAQ9v4yFk9DAjGycgqZeDJ9P8gLtDvM_A7mzFNtFG9hD7pEXwviAPDjPv0zwK9u7kv3PIk-kqqAg4A7e2UT7Bg-_o5dkrC7CFo0FZjO5mA_feMEDCjg_QvRnuLnHsiMCI0S38PmETv5eLLvKw3eniP4ZDjprKTLbGNnjOgClL-PLmMfjqxtgmG_t82D_0vavFg1Xmhr_S_Gn7guga0W3l24MEaQh0JSle73p28QU1OtrcQoxKQ7MH3jxrIf-MYn4O_HH3AJkxk7fUaAR6YA9KSzPrjenu7awQ5kueK9TDpwt-pRTJGgxLdvZla-A-HFZGTXswU5p4fODGBIanSnddVEqz1SgsndJXKHdL3ORzlgqloG38HW6l_OxQYzxi5-6ZwYRhnoCTxX0kOVLzjwgbHfoJYovuu2s4-FZiOBJPzo9lhLH6G_32lQEmSV-xZAjwHwPpHOGnlCnp7528kLzUjc3cpCFw3O0df4l83VttJyrqMH2yjyXjkFX_IsOh5KLEL_cpn8-15aSA7hwIT1HpMlQVfdY6jg93vD4T60rqr6AJC8wlHdhYRfnLmu3_CGDWLYm2sZk0Xz6SALfwfPGkUhkBoagTSe0TM8K4o3YCjLpWR4GI_v4z0lhRc72olkGTtV95RPAKhXFoJo-jwKEB6--nyaD8hgOT1XD3vOIbGGxVreVV-7DrP7noBrQKrSKMjX9byaiftDrJ5fM2F8xEVvWDWCdCXFEvjxpXG4UFSQCP8Mr-Q87Ti3Dl37TUhxAQqLzmIw8ijw08QYIpZy4yNHpdUjGOKAvrdTUO1-LirLqNtDkDfbtfetIbj166MJtsUgGH9EyKTbj5qsegjRVLV-werd4d1Jo996LqSHKaNPHXPO5B8i8sRR5YrpK1lb9S2PJ22nqVqyk2XM69Hy1njYRJ8e71Y2OrkMnu2T3X1G9tWp9obHm0WehdJQUVID9w64jL7_DvWZ0cpefdE2vQyvWR3paiisWdIRPcrfGgYGtgErAu01DP_dZsqvq5I5xZGqMFTMo6lpMJQI27fmrzFIvQY31aQW124sGwoR315BWXY_8RxR1ccUdzqG1Z9PVpAtHwgzbuMaUmyYUM14L67eY4NUxrw1ZPisGmrxhNlb-VpzQKAlQTqgaXjRGWJ16twr7fipu7hfJJ2U16k20I3Drj4MUeF4X1tau3WvOMGiQXHyyjAko1GxX_Y-x1PDiyDczy7XDC4OvG8GLnhpdd1hYQY2agHinsIoy3i1fej9yNbIiT88c026kGpl0WkTDotBwUavO9zK3J6UnKOtYnYQicetSigehZPgef7y91MN6y8glCsicnaVcrXWXButEngOOckw69R-PmXniVwaEFKD_q4rBJ7vQtDOglWhCGVvalTp2e9Q9ywhh1YNoxzWlDjTzDCIubmU1nuNdcYcNUOLDfs-m33WhKt7IPuI7dqihJe8-MVGUpI55X8BzDxmve_u5VqIsjGJ1lautI0ajP6ibj3PMsytO-6K6AYp8DSi9ntb98LHFJkqAaHmTduDel5H1jOVYYiQrCub75hfV6i6YpQOMgwqiIsJ9j9AtDomWp7QsVQ1ui48eAbtleteo-VgEuSAmZx3wmgQD2NoTx0LWFDtvLWES2ZxYKBF9xtTIckRvrwUH7SZ3hQ_RWW4AkEnBwctJbZXADlmLid0UEjbElq1lBAq4Vo30Rxz75jr5b2QBKLUBQ_sX3nSmIUfEqLBnRmM7y9o-V8ub9tASgUnPRcuF339IFdQt05EOtcv8Gz2NvvvWhA7w6YqxZamFyKL83sxPMGYumNUFmipzJtVU_L-XDOju9VZxfCEq3boAVwJ6z6dVnNUV58BO8SapNfm7ByHO-oa7Vuo29YRUpc7-Zt_VqRVyurW4MgyLgyJMNmpGYYCMIfxu02f9Fmm54m7CYUHF4vLeJqZQxRB2JIUQ4uJsV7JTsX1T7XyfwWvGSiRzUT5LPK2r37RLiso4cmmVkTC5OOD2J4yYtvpam6BgO4ph__yL6rYV9SBdKFjVCJii3epowhcHNvzON_Hf26Vcp1nPVp6K5-v_UnckL5n08ncgkK9uC4Z8xYR76QY_vJaeiY3bs-kNKrxD2fa_KMBDSkkbBjRe8pqSSur5dewQARVGvwUxgrt9MOEG7h_yfIcZHcfMZ_yUUYEnAC_R2HIRP5eIAba8kviCPEufn9UoVggYjEGL63Ux6NiVkfmMHE_Lmx64G0YvgKGVI8nL96LSsEz9gkwFG9g6LZryGzoXSbTiPgn_maUQ_10KQij5-7kQCAG2clsts1w-8MaCFHariP8uixHJD97jVLpYEiDjeNZVSLVs9c54Mx53FpkYwrBubMZ_J2tlTdoYuvtQjP_WS7B0F1AOB7E-b6aP_7Z2q6C-qcpLYAj4mSfSObTmqZJN-KQuRZpfZKwOe_Q5cD7yB7MxHsNdRLtmHzXt886o5Kni_bLTYBtTtDPA259Tsrxe87oz3ay0HR7TxJSz63j6ZLieYm0eax15n15FHMNJZK5MF9XJLz3VDs_H9A6R_K1iluMS4kovLD-Ye3pyW2kFKumWDuA65hfUgX1pja8FlH-g3geouwuZSu2kR6ptdr5ehPhpYAAQN0B7Cj61ZoIN-q_7uPTbk1u2rN12Enf8iTzV6IgbQQSO-DGYnHeY7d8p17ulBtHwWliJx848kQpvMMA7jL7Nw1lX-TQUR7rHKRSqRA0JwhfV2Nk-bFsRG1d0DJ-dRAsDvSSiQPDfNo3JErCGdNDPGEi0vyntVh663vNJleWP_AmF0ZU43JPhZEQYYnskEsAp708RiOVNX3qelFwaULZTbHrBTiL889FEgNus2QC79ngppUl0FwUwYN5a5MqRv6Q8sDObJMngovLliGls8yiRScVnC64X5cy5GLjBfx8JsE-vsxbwI57poA-_TiZ6BdlrBmZtCn3fkC7CBmjEfpMfiiRbFNOITDch1ECqHm7lY-3ME_cmKCb-BDyGQYBeqsVgLqkAZM4pu9wQ43uNdhwBxY3wIHEXUVqT4kNG1AVelHi3D0f4RRE19bdkosT90xFxPaY6MXE4-mjJvrZ2AQ26_f_bzHPnhZDynbGr8lCrxjZLwofBK9G1lnbfmZ9CLV_ae2FJkw_V2VikgyTmjXt2vSHxEuianf_DB7wPA&cid=CAQSSwBpAlJWWswGznP_ZZb3YmAZVPce4H5m3gNzGEdxahBYvw1RBmkAgWjSItyh5Cjk29P3uJ0h7fVibOi8IYlVkfVYj9OpyeUekkZ4FhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.appopener.com%2F&ds=l&xdt=1&iif=1&cor=2034843905626090500&adk=1761367587&idt=138&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 20DB 30 KB
11 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 20DB 41 KB
13 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame 20DB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5aa1cf69086039ddb8ec9eb33764e5b0235e20343171cf7baaaa2037b59bad2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 648F 42 B
174 B 85ms
84ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXtC8vi-BXqapYIKmfyYd_a75wojsMcCXq7cCu-d1tF3MCxTL5q5uTgIRgASDSOcKCs-3HyPD7RAYPAdBpc_0ZfCS1pgXdCFSsB8wwCSLXA97MFP6ubU5mVPQsUrHRTXXLy1KuQrqz59ps&sai=AMfl-YT04q_YCkMJsaa3sNROCFkpsOv2pH9M9ZvY7LAjdURQFU44sjpGhZ6Pz17iKHzcSWiVG_9MJBv71eSP&sig=Cg0ArKJSzH2UM70KkGsWEAE&cid=CAQSGwBpAlJWhFFiVJTtFiqOZ8wObFuET6jtRA0BiRgB&id=lidar2&mcvt=1025&p=0,0,280,1200&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20230705&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3497407662&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688815810968&rpt=1100&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-4g5lznes.c.2mdn.net/videoplayback/id/39af86965829d928/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720351812/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 26E6 3 MB
0 86ms
41ms Media
video/mp4 2a00:1450:4001:10::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:10::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 08 Jul 2023 11:30:13 GMT
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3622038/3622039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3622039
last-modified: Fri, 15 Jul 2022 17:18:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ADE 0
20 B 77ms
74ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BhGG4xEipZMX1IIuC2fcPgJOx2AUAAAAAOAHgBAI&bg=!ISKlInbNAAb90kgr3dI7ADkAdvg8WoO1Cjf3yj7dzwNqvBTrDds7_RGvmTGdzypekRIG3kb_KnYs6wr1HJ5NduhifU8OwlWpMEUCAAAAZ1IAAAA6aAEHmQLTxuYGAhakH0L8k-XFGES9cfdKnaKNDvWvvAIbAJoGmheFWEIH9euBa-zO-zoLXpoQlUNWN_yl_-WypNm48IuCMLAZm3eCDv33Asvn4AUnAn6q4wWVcGcNhukkPvJMl8B0PUuz8BQFd7pzWXDk_vyCwTQ6Cv-difoFcT6DvlT_mK3HMWvaHwJ9sIHk-Lnvmx5BHxbkae7_jqTZaow1pJcBXEMZYP7a7vorWm6Um8P296BSSnfe6Uq1sgCPlZ2DZ4HJ2jKyjguN3HGUtFO9f_MKGWaB-NJRwxeoV0a_Gj5MYWDaSOrFLfTgiufVIRZ2785JdV2PmlP_d5lhv3b1PcIOZ-IKsvlBpKVLcA7Yl8-0subWOt3OV7XGAC4kHNpkY6_N9Nv2gPIkYemDANdObnBNbGiLV60IJcZwkzfAxvn0i8JfC8hGGv2HU6yc2NHKVjhFyHxASveUOWDNUkYLXt3JeMfb63ZX3MC9vQA4kNLaoMvVqQQWZ5wDtJ72_y_1Es9RSRRv-KunPj2EAwTBS7gIOwMPaZXOJlfO6eQ9RR__XNVEit3AHhArMdaCeBPYzIN-Jt14hlwLb4PzvDMGFU4KujYjPEaPNMoOjipnlIWmGU7ZCXNE3mQzaOwGaVjX1u59yEu5b9EN_MLBRTK35hqSHE36eOkFGaxKb2R3qA9w7W0JxksHth3lWlT_RNsJyxyFbbTEXuovn4eTVB0HcAjra2jRwX_m0MLEkZBmsu1owDMUQkl23kVoBFswgVcPkbdVhsqATVvrT9NSn0e0GZZYbQyTt8rJcPdUTLVrznUwk6cJ2CyZJ1KbRgOJFc39U3AcAjZX1Ezb3OYnBhtGcIkw5Caaps-UomJP16flVHmZ3Rw2VdCfA2s4kMqyO8VcLzd3WaOBNif0zdOqYhwhE42GgW6OaybTReEb8QNP42lBy9cLQzaz2xUwQJTf_g53LduK9yTR

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8820 22 KB
8 KB 43ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 158243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 8820 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 06:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 06:25:48 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15425370921734795581/ Frame 3266 6 KB
2 KB 124ms
40ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15425370921734795581/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b314c94ba9fa92b1f0623856bc5bacb0662074f26aa4cd1fde2b50dd9dcd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 432777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2279
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 11:17:16 GMT
expires: Tue, 02 Jul 2024 11:17:16 GMT
last-modified: Tue, 09 May 2023 14:23:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 20DB 0
0 316ms
90ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuA9JN27MKHY2Ebiga8baMGQMPT8kdAutP1ptsbCb6_Fsk_cIKCG2DQLY77WZXjeDvNOASD5sxh9H1ZcAogcSlH0JnfSIkhsgxjZgwT_5LDs1DfpNBRsi8V6nNu_UwfDDv2zOo2QPbCDfBBrKyMJAh0h6zVtUJY8n3RLU8NpxQ5hr869UcBJPhKp43-uq1Q6HBSibEElwU5ixcecebksc5vgrWT76Q9I_Y6BXxhJmowgrhuD5sM54BvcdPpRJwJJHx1pJ2obWDq8UiqPnf_Tf9HG7mhOOErWm0NgV_1d-KjHxGC7NGafQ-rm5mpdwxPa8ptCRAyiAcQM35_lNi4VVtYUxhm7qUL9ef-O9YkuAbaYS-Rkj8GPW3v9U2SIBVhSahyUBuC4psEahXFbj6-uP6ituNZ_-yHJ9lNy3GCaKLSH06qkA-WgssTTAMO3irgxUJJqtI3bVaUuX3lQDC5Zpc-gVJhihb_DBm9zp5oMB507Bvt3aH8zE7Cr3ht2GbMqSbHQvNEIiKgPoHQ3DBWNba5jFtXXmMw9CS0-I-MvMGrABhYIx7xanxoNbwsx2-E0N7PGIWa0McqM2FuajnirAgJ3jhsONSgBA0OkecukDV7x9rjjlNXhvVoQuN14mQkTi78Ltum2M2ycvqBOemnlrawwUL8htu6uwD5dnryNW4iVyf1QIbHU5zFnKUv8zZc-QNajlO-263v-Xf4gkYmDp5AacpoPhLDATgMmE0RP3aZXZ1AhBrdPrFwG5yM61Og9Smvveon4yN6tFbrVdXgNsRMnnTFCQqO2NXZzm8KaDDGR-wxT9-5MejPA2C4JQpSyuDhc1bcEjAam5qsorbmvevX2n2ALsSRVWEZPTv66az1ZocZr-AxHPKcqUP5UjAEKsGVpdBpnxi29yp3SxKmKNq1k4sRqDmTHZOK2UU_Ak8c6fL0H3ce2hgvBShbBC-krHfqF2bZcIFzy0XZBK2QF0hediNsBglyG9LBMg3FV_U7uUpEE8HC7fImGyvhd4ddcn_df7KQWDX5YrVkxQD7TQUx74myp4vH6UCkkZJSQAwy1JLWco2xKS-ByaV61Fph5hF4T_JXI7qvo3YMzBIBC7XmgpPeasH-GTCdiQ3tuBWOzpfP-diBHy4p5uTAebgWVum9BMJem4uIBNTWtRVOiOVWp9tmEkejpMgKjC_Zu617GnNA03bt4JtfVAjQ3EzrBm0c0J-z7NKhV5TXlW5fkSdpTDYuMF6525FfuqMnT9zmhtEIohXQBo-g1HXePcluIC5Tn7K4l2CzEPk&sai=AMfl-YRhsbF5miPfzFGmSN95mTQDzeCxJyXhx-pVyBpsDraDLn-zcVVOg4dzqCE7ntyVO6UzjzTUJvRovhKYJgjHpdWX2gwb23Rn-bqDLP8ArVwNfD68xGmfRH6MRt1izIAPu9ujD1SP23pLPb15nMlMGGFbx9itVU0H0hOW5jZtYc1C4TG3k0cJgnvUxpK7FWEfjQ8hGgTPHLSs_Q2-_dyQP8UHmMBGPLjxr2guQGsbom7OKIY9l-83cKic5kKcBsiAQPUsgbViT8A-HwuD1m0PBHJgKgZBofIj&sig=Cg0ArKJSzLcTDTOwuNCYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=216&cbvp=1&cstd=212&cisv=r20230705.37807&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:13 GMT

GET
H2 200 dc_oe=ChMIxefjlIH__wIVC0H2CB2ASQxbEAAYACCog6ZTQhMI__KIlIH__wIV_ByKAx2rIgOX;met=1;acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 26E6 42 B
401 B 275ms
77ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxefjlIH__wIVC0H2CB2ASQxbEAAYACCog6ZTQhMI__KIlIH__wIV_ByKAx2rIgOX;met=1;acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D26965%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642875681%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1688815813310;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 26E6 42 B
64 B 81ms
78ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrQATw0ipZL-FA_y5qMwPq8WMuAnM3Ozpb6bitYOyEMCNtwEQASCPlPaXAWCVivyBlAegAfeb7eAoyAEFqAMByAObBKoE-AFP0EclfaIGD-cRSNM677JaERV3Lyubb9WzoIgztJklJY0S_0Cjc0WjJr19BMn9E1t10mWmv51T6MmX7yzQfzKMqu-lDLHa9YSJgb3653r1FdJSO4eyza0r0B9bzPq6HGIV7UCLPCASaeVMb-y7e1tH93V_-t9snjKMlEzq9KfuG7a_0iVwVkuHXIaD_4hM21VooYHVhSuW_GIyGbbZtGMWeHBRKeAoi50hv-9zzHZoFWxcatVDrcapbQJ55emZRLmMzzmXfGsGp9pTLmo7ZXEtQZz0fXzzTK9c754F-occh7DJz0j14CjCcUNYLsEutrhxSwosFeiUe8AEv4f78IIE4AQDkAYBoAZ2gAf3073AA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBO2pP0T0BMA2BMNiBQG2BQB0BUB-BYBgBcB&sigh=ItUjx_vf0xw&label=part2viewed&ad_mt=7&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D26965%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642875681%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1688815813310

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 26E6 0
557 B 279ms
89ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMM5RKFoXjrh3c1A8h1Kb9aj-2j2xvomcAhhQa4C-lgRFt1MI1WEPw5xRnKf1XVZw7ppsbA7pAY6ICf_cwY7r3aVYHB8rtBk2C-XUj9K4zenPPnhmjdfViIYTGnRNIDaka9bTWM089vSV3NkIkk1pWPeEWH0YI-152RJjJXRULop8PqCdOpXbxBkSK-GXmwYSzOnEYbhUDuH-gY7fvXQBxenwlZ7h4sgyJS6b1gSodJHANiBFLoXrjV1WhXT0-Zh8t3JR15x0u-ecZkKysA9v5SvO7eey5SnFKGMdr-qtXMUTmNB0CthTeL8ivAI7oUr-_DeJoKoWz4XooRW1rTk09DuPXgwPMw1JX8sb0CxBw71975-XPfxeXG_Cmmrz3J9IHVWnaq-BZdAv1yaJKWIE6IT2Qvjz9GHWsBWTbu6MrZTogJQ9bnrk-1TOyKxQgYmFkeZUdQVw4fMX4T6BS7_zwXfNlkmjaetRF2Lkfr4s7ch_yICQkuNC7EAnY2m83peOpNBjVWGq1zZoAxh6IGszqMFR0KoG5yUt06JI8MeWQWafPXibZsw5qP8uCRYp_TaCqOftSnVaxq0agQHKUnXh5XgovMQ3c_8FpP1bK76I0CcqeVp_ajLdZkBUbhIrot0hPmrtD66niBITWfVBIUg9V0HFIc4SBDWI2UcTKLXn-2MZqUvKHA_FS0sran1YEST12XROV7sKYFGi-aIBqleyQVpy8eAiB4e-fsaScjoCNXWvocoH29QVKNzTcdlZitOHXav0O1eENFs6lOFk7Svz3K864AiGnEnH8aM5rffQAPKtRXPakc3y0enYHdVn5Ld5RFuxz3Ca0131nNDAwZXISOpuXS_pcOSxtpwsHXgRIT6CA8nxJVflt0ATDoehqg9XyBYx6ABh0THP8eLSwGABAxkuqsRhNCZxjLW-Wqe_kZOsHrXE-nAdAoC-8tW-RYyGsUADXNSfv7vjVFtETj1bIBlmddqm1pPNeWGdfpvypl6kJjG1tPWB7oqrrA7CO8WYOPEGd1ZaeWvJyt1JgnOl68t_8tAwVYHOV3MYGTX8_-hNzjAwOCU8TV5EeTL0bVKg3jMrqhkGfvDaSXXJ5929I3Iti9N6SIpsDzEeyWtyf-hnDVDE1hDXCcwz6xL1X5um185JnhPfYRwe7YLbrTkZbXkPz29B7Kw&sai=AMfl-YTqIwqPFXq9t5mQKFWHi_J4_vBNQUaGEqE7Gqudk-aKstEYSSMsiBZd57HTmvxv3A70zgJhPU83OVEqeZHVDjxZcC3LQiPzsaCmDqYXuiySk2o4zo_M9ca2n8w-1Q9hb3OeQVDBnvCVVLmXTy9IGEKbvVly2BFmw7wwAkbeMWdcQUlWMvs&sig=Cg0ArKJSzDxuptFbXo-zEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 26E6 0
16 B 84ms
81ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBC6zZbUAxj_gLHPASABMAE&v=APEucNWbsEcDcPmaqc-43CdJvIxy9VS96hzBSOmb0193dSvXuGIptuIXShyZfi0xuFQipShu9qa9yiwT7mxJ1yZGpIcxjcvfjA

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26E6 0
20 B 79ms
75ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 26E6 42 B
64 B 81ms
78ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBKHumNjt7qIM0tS_iMScisPwNBWcFry2jNgAzUkTtqIfpuZv2oDHWcuCQSXBDCUowOtR_uvg8mIXsrwwzJ6tgfwT6Z-rQydbmhB3AtpsZiflSot_GVNM7BN2CGJ8yY-5yqpz2cFuIkOOI&sai=AMfl-YQfM1BoA2Icuydf3dObKFQ35xl6GYs5K1VMXv-hZ-GmzbPrdBRxwa8G9NDgS2u1do0hs4SGc7VNMIwA&sig=Cg0ArKJSzOq1ytRXnFdNEAE&cid=CAQSGwBpAlJWtNMKt2JIcQTBt2IjP5pRe6G4wqPaExgB&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D26965%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642875681%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1688815813310&avm=1

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 26E6 42 B
64 B 83ms
79ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrQATw0ipZL-FA_y5qMwPq8WMuAnM3Ozpb6bitYOyEMCNtwEQASCPlPaXAWCVivyBlAegAfeb7eAoyAEFqAMByAObBKoE-AFP0EclfaIGD-cRSNM677JaERV3Lyubb9WzoIgztJklJY0S_0Cjc0WjJr19BMn9E1t10mWmv51T6MmX7yzQfzKMqu-lDLHa9YSJgb3653r1FdJSO4eyza0r0B9bzPq6HGIV7UCLPCASaeVMb-y7e1tH93V_-t9snjKMlEzq9KfuG7a_0iVwVkuHXIaD_4hM21VooYHVhSuW_GIyGbbZtGMWeHBRKeAoi50hv-9zzHZoFWxcatVDrcapbQJ55emZRLmMzzmXfGsGp9pTLmo7ZXEtQZz0fXzzTK9c754F-occh7DJz0j14CjCcUNYLsEutrhxSwosFeiUe8AEv4f78IIE4AQDkAYBoAZ2gAf3073AA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBsBO2pP0T0BMA2BMNiBQG2BQB0BUB-BYBgBcB&sigh=ItUjx_vf0xw&label=vast_creativeview&ad_mt=7&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D26965%26vmtime%3D6%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642875681%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1688815813310

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230705/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 26E6 0
17 B 61ms
60ms Ping
image/gif 2a00:1450:4009:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ljtxbwwx&c=3251888513429&slotId=1625944256714.5&qqid=CP_yiJSB__8CFfwcigMdqyIDlw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=878&mt=video%2Fmp4&vs=1024x576&dm=27000&ple=0&umsem=0&event_name=first_play&asset_bytes=193652&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1tr~videopreviewstarted.1ts
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:818::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FA03 640 B
265 B 87ms
80ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXp28uBlHmePvrQvatBNsYCQrWcYogoaMC20qhWxPoFFhintn5Mq1wXNzgZ6zVrXnQbuQ15b1dJdS8kVhqUP-pmKHvUIkGY7h0L4u_HFMBod4R5I31Yrr9O1oGndkaOkLdUAn75NDWHyJdRcnQqDh71KRWCdewcN2rN0czICgifB88PeGE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:30:13 GMT
expires: Sat, 08 Jul 2023 11:30:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3415 78 KB
27 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 3415 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 10:54:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/ Frame 3415 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230705/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:19:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:19:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3415 179 KB
56 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3415 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CTZJujeBOH3SxHgiFISpVniUQW5CE2DRsn1e9OSC31VJaAS18Wmh3XRqhP8ZqBRgGAfxPSPBlzsP39bWaTvjVjJ3tbmnWNAdS312s-7StFXMg1i9g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3415 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9049855347141973613&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 20DB
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1475223/71249285/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-5645705217995911&ias_chanId=1&ias_placementId=20111337730&bidurl=https://www.appopener.co...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

106ms
61ms

Script
application/javascript

2600:9000:2134:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6
Protocol: H2
Server: 2600:9000:2134:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:42:03 GMT
x-amz-version-id: SJLYBA351pqECJYqjJA4.3WvprugNKiT
content-encoding: gzip
via: 1.1 4bf67fa3f3c5285ab6c4bc6a5127ce32.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
age: 229691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 05 Jul 2023 19:42:00 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: cMROK_uFIi0NzFT3jnQ7NRMWQQx6PNpkKie0wHFe8AV2p1kTYzPUCg==

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3C39 91 KB
23 KB 171ms
55ms Script
application/javascript 2600:9000:2134:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 03:25:04 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 4bf67fa3f3c5285ab6c4bc6a5127ce32.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
age: 8582710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: UfxqJ9s5EsUSK2fRoFcJluxeneLSNRLBBitw66pCwIgHp7tMJxUIgw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 20DB 43 B
215 B 392ms
119ms Image
image/gif 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=627dbc86-4b88-c3ac-78f2-d11da0a30445&tv=%7Bc:hM4zRP,pingTime:-3,time:54,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:54,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpV2Qn+11%7C12%7C131%7C132%7C1411%7C151*.1475223-71249285%7C1511%7C1512%7C1513%7C161,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:23%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 20DB 43 B
215 B 390ms
120ms Image
image/gif 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=627dbc86-4b88-c3ac-78f2-d11da0a30445&tv=%7Bc:hM4zRQ,pingTime:-6,time:55,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpV2Qn+11%7C12%7C131%7C132%7C1411%7C151*.1475223-71249285%7C1511%7C1512%7C1513%7C161,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:23%7D&tpiLookup=ao:www.appopener.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8820 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIK2JxEipZPrAN6efjuwPi82v-A0AAAAAOAHgBAI&bg=!MTKlMmbNAAb90kgr3dI7ADkAdvg8Wja1DD3MX89QlhNdc5zZv-ROTh8Fuqd1e4z9mQi1Fr3-i6XxSFAdyb_KfbCxNGjY0kCEtAQCAAAAnVIAAAAIaAEHCgBKm7iMqkc3_lSBlwFJPOnWccsaVTmtQuoAS1cV-5ufF4M_gQOwr0oE5c68iAUxQxkZE3X1enWq3ZO6n3eUjLbz5Z6LJnTB-mrYzLaZAvosx3foJvYRnYg6jugD31JMGYk0-fw1EzlwTFR4y1A9WhcGQnFoWu_Q2hn5qnJkry3heyjmmG2Qyu7KFWFhX9tQqcv9Uqhl_0c39G3-xpe6Lnmnvq7Qibr5sqFSRhfoqbnk3xn6tCgVn3DUzdy6rgBFeoIA1QmTOcYAZQYiv2GV0qiurhG08rhRuCxoF6iT_IILtXrKIx-TiiVVYJv3PVXK0FGpYnfjpJpLaYLwtAivBHTYdk6xjrDGIPZCXi_esHpC6yxlMRXdO7teFBejgrfwoeXqCiKEcNNVU2o8wT4YnbRz7LzLh8YqerQWZ1qHbZweo5e4Xu-XfV5cY9rE16fo20E77FppbsJNhrtgJKPU9NhYdFJdE-CWZUxSbxH8jJwoJipcYUunziHi00bKemDQRfyVP-MLo1zw1gHfx8AESEvBR1lBX0dxDL-p4Iv6CRtHq2iyfPg61P2n2DnRaPniUa1pN91qvT94fN0ASfF2doAGUH4lIL9cCDwpD1tTJfxVmrC7PLAQvSJoEkdyXGbNNMwGXVr5reMX6a4qqfRBz3LZUPXRD9ap-a5dvsGSF2qphxR8BF81HSR4nrQOe-YvYnYbdOMMEiW5DIUi9h1JgGG7JSx0Z4BJvtUNPSf_awq_UBjd3XjJVyr33oUPnbLkoUD7u-AzrID8HSXDM4xDWtosVHF2A_YoUX6YW17rA0b1RidNSxVQ9nyB2_pLLqheaBUxrRb2ZrLBE3-uqlRfrYkzd4ojXyAzg_atE3kRayWQGAIUkXmHwzn1jbV181J_GO19NOXsp4v_dxmpcEdyC3tIkQJg5uytckICQPDExB2JjfAUV1QRju4cHdYErp_DRquM7qiuiY8dvcDfoQN1UEvcX8A6rHcQtwx6ABwa4i8FqJ6B1wiIxKL6ys6jipm1_orUTJSI43TwWV_mkwfwmcRHKISYB-i0Omp1V9-WGzLhqwTbTK6c9lzY6eBs3qN3xBb-8Inumb1feOgW8m_c5189QYhkLUVtOXw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 20DB 43 B
216 B 383ms
118ms Image
image/gif 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=627dbc86-4b88-c3ac-78f2-d11da0a30445&tv=%7Bc:hM4zRY,pingTime:-2,time:63,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:700,beZ:702,mfA:703,cmA:704,inA:704,inZ:707,prA:707,prZ:718,si:723,poA:724,poZ:751,cmZ:751,mfZ:751,loA:755,loZ:757,ltA:763,ltZ:763%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpV2Qn+11%7C12%7C131%7C132%7C1411%7C151*.1475223-71249285%7C1511%7C1512%7C1513%7C161,idMap:151*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:23,sinceFw:38,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=4955640795&adk=1541465834&adf=2575509664&pi=t.ma~as.4955640795&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811439&bpp=1&bdt=1234&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280%2C227x600&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=699&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bFglzNViRN&p=https%3A//www.appopener.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET createjs.min.js
code.createjs.com/1.0.0/ Frame 3266 0
0

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/15425370921734795581/ Frame 3266 199 KB
37 KB 43ms
41ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15425370921734795581/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15425370921734795581/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab06507488ca1d4419bb16f8300295aec97f231938605b17537d661cf0503f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15425370921734795581/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 08:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37481
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:23:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Jul 2024 08:10:26 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3415 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4560497476643&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3415 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4560497476643&version=m202301230201&ct=76&x=1&cor=9049855347141974000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3415 104 KB
40 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ct36zQkCFf4zYLkMkvSh2Oh0vu3SBMUucvXZ-PYEYdPYEaVh9lks5ZHoHjvIPhiytZVjAmQQVxSso_C7R_9yM5f83vvxOiYtS_RjKPPa2q7K1iD_bqzVHJ13bIrc59EY5f-RlC7xhyRN8Ms50yPqFo2Uab3fxREKdONZbMMFjPJn3hzoM&dbm_d=AKAmf-CT1CFZGt0muZd5rQvmEDpY9rOg8OY91Xcz6IuZ3glhyAqH85_pziZIjs_X_j-1OoUAhbZewvIfhfoT9IVu3OqiaVnNaSdqcbloBb5YtjFSi9V2WG5JIm5NApCke-W7utnRD7RHbIvQrAeJatrjkdjknfUm-oygk29cvoiGjTzSA5tGd49A7TyBGydpwXPoluSEKIaJTOMhBk4zxIO87CbKHtZYsge7EQ0CiDa1OphUAhLrA8TyFxh773YGfBYZYJ4q-bE0wTX5Og6Vk3J2uXUE_jsGxq89_VXD4ih0ATMsxKaKPpQlA_yCzKewIHfyyyE7ikTqPuySu1gHECp-iHEaQNAFAmCTdMnmD4-k1OWZ5zyWZZ1cZzKG2kPSo_2JNaspt4bAk3ehGEOTiqdz3CUfIOf9jwUSEaz6mCan95_JQ5P6Gl1Ow44FBw7g8HFjWAm9GbfDRwSGEOSfOtn86h3uLpKIaeIP64wzzvz-7QklrwpmJvdtF0cMljPP5nItLUvT1kbDlzoWg-CFms2an263qdB5AO8olG9HbtdfBCZolhim8rZ3N33GlogDPk4cQblFps2AlQJQSlDL3lpyjo41i93TFURXJ0LI89XREZzsUXf8DCbaEajnP9xcqoqH1ouHZBFqph0rrZTsmnZPD48QsIaaYaJmTRwyWoMXfbaf-nf2fVw1nNAEhkq-C4CNit5lM3vfw3tj2AkAxyA2dbi0kwpQF7yXhnSyq6_5DLRbCo9FGpuzFeZyMYems6sI1-7Ptd9p4c5PnReZ0IDd9o6-pWhCyQ5q89_N0M7QJsS0fd7AP7FlWRSDcjyyjUVOZ6cSekV55MbUqDyX-R-DkK6tzCTt7FQ_DoA85mrAdfbrA0g2OSaZAMy98r7rCWe4-urbD2s9m_ipv-IwRBUTknpskd2kTK-FCZwCrSIf_q0FACeXxGdED8-FXZ5PvLaDGA2d7JwurAvyf07puK3ALU9D661pFTO6HtPu0ItXgF-v8c0zG_LDzAyReJIXjXu1Fc-eOBGDPKCmkeSwbqbhHH3zS89Xre5yjibiU-NMPwR8ceScYdxnS3PxifZvy2QpFxJc8yEzvILT5AmfThCCEEz683sPMuQHeJf_njpK5VVBqwt_GndVsBG2cGJjtNP5e-OB444quaMmHt7unH-Q_Pxj1Rz2CXUrwPKQEgQuUmL89zRvYE4LpCuhYfB7LT2TaXO9RQV9EtfjT6asuMsYpLtVVszRXRKZcWryo4B6fJvGox6NH-Ar7yEaE_yJZh7n3uIBKGxWJeMawuXalVi9yPm7MM5Y8clauaNxag0yI1W8AgHQd2OjxP78p2B_KZJU4mUxLajUR8S1uOyUtH55WR4BgQPIF2du2y5wtKstvmF-GeDz6P9MElPu_V0mSZU4QA8AhkRegMaymvQHnJM9o0ubi4xyB9pYFtiblCSedvMI5rgyMGzgRCjZQMqgYrpfdzFyHM6kJ1CxQHgdEhmHmkF5b9tm8_iwyZ1G9JNu0NWFCR4L6cCuTYAskiIFndJ2cLLKXeamsIT2NaaRt-aPl849uIJgg6CF4k4u3z_AozhY7KABldWf9ZfSdClTdiQuih6jbbLo9mGjyA2FkJLQmirZOfklyVwq53E82piaK90sD2u6FBiCW_pfks4etB-Bbaia1a7y2JOZWFjxr8HxcSpg--gzjhv9bZxzZpWG8pLr3ZyU85FS8W8CkAhtr98H1mSoXaBo-UHc4M8Zxvlyt5C5CZsjuXHIhzULWFC8QQSEAcHgY9lfVEaY9F1LmFaVpUD4DTYdmAZPu6Jajxf0u25Eo-ZKNZsJ4zgmGz-fK7G3zsB_Nq8wOMh7lUcLzRQGNrY-sgKV6fsxX4YScozTNA7zHl9HrX5F6xgxp0ZickNxDvAgAeY1MRp9pNbrvv0os7yT-UOBGWQrXBhNRVmePCVD3IfueqJN4KYwNfNiVHOrkwEr0DP7eNMyjlRO0A08DTESS85YELyaGjNg3Ugcq0FXn8gcaOzz4U0T_-zGYJW_ILzbqKev_RFuX9bpiNXs5D4CpAs1FvkzcySN7LpHYBFro54JUpHGqgDLoijg5P6LqMu5sm-ib4d06MpsYL9fD62Xz6qO5_zucn7VGzgAHlqCWI3ZYARm--eSawus7eAuvAQ0xYcKkizrWNsvWyhFwwCUEcBbtTQTvKfbov1UaVofque8UFgec0MZAU_dbiZnfjzC2UyQrXA35oUr9bGFmP5HDrsxdJim9e3GZY8R8abSVSQ4hspYB34LeB8KwZL1ZO_uR-9r56xcdlSjUidDbJoTjeV2lXGIeo4zub6YIeGDB2QFIs22YKpl4pzhVQjEKIMpMhOsQuAfI53Kl0piX5T39lsbFDj1ZJtlysOXPgA12ZyvXDbsM5fNKBMUJgSSLnm27Y2hwPVl7B_Xo4g_T5xz7HVd0SMc-BiL_VYiMuTlP_gQQQ72k462bgTC-bPUPOTn11iF6F67Aak27us3eOsB0l9PNBTkLMU2C_9WRBVcirnayzcjFHX0iBLl2TiXJp9IhpZkJJSfExhhLZcSt-UhnCBVgW2zxAKdZCTeckhkmgG3FMQg-DN7CsjRzHIlpjp_g46JVmzX_fh7ks3seyHiRB4RLL70Hu_FvT7tvkRwzO0C_VhPEnnpKBVe2ilIbr7JLy8f3X4SOYhYwGCdB4rRk73GhO-E3A_8vUwHpc8O0dmxfVjUkBGRtjH4ZQFNmeNnNCg2EombJ_-mlQbgfUOA3-flZAzvKN6bXqIUDtgu6oDbIFNDKchp93JIeRdOzfCHW2GENb9IoEhFzy9BbJnj5HSECmsQ7EIhFbGRisjgwM5mPHyTPcQlW7bEbrO99oa0Y84QlWIxbdxrqFOfcrIskAxGQPc0yTAnaC6iqKAn3W5Puyn87UAZd0EDKoZcoC1YZf6iNdvmRHSg1bjYSzrPGndkEupv7s4JsxaJb_yE0SrQbxCr42gbK-fM2YFhFY8uptYDXKjqbWZGVoGihAc3AhioHpLaqFK58KmYKJjKPlkE92U9VeO1r8AvOVacRC_jT8zzjriacjnFsT7wLvEndg5lBYTYzC_Gi1TPd1NNp0647P9aKECKwWCfTKqt5Tq5Tr4HoDIgDNFikc9Q4GD2CuC7D6Aug2V5v18cTEmTX1xU0xdv1sniRlX9ot1kD6W0dRrHsq1Uxc70Sm5gF_0O2xsmzFicLWwLzM2uClNbRrGBVF5xaPFTflxF6AHeVH5apBbQ5JbYN8gZA_UrEaRglY7hEJSsL3yHjygCUsq9nNgW4_QGwr3GPaaGmXvywxurA0OAWllYMZkwdZsLuiesrYYDKXaRx5sB4Yzuql9gNRVKJhxZTJxg4bQ3Zi_PTu9COeDRren0zpRViFAdGJRdDP9hxr-RTPt-5usnbVgw010khwkzT0jbWMUfoUWPXuDxCpSaZRvHovxr1Vo8Od8UwCcvZIbLlz1Zg6KLvB22qEbr9rAHcisJ9XZVxeDr9tjSK6CiIDNlvSGKcSuR81fbHS1NJGF4cT-m9XOZyQxb-VeIU9Fu8umdQqVRJAQH6BjxKWMft5fRimrGXuO9LjfjAswAXPvntESs6hstgngDiQ0Vxq3qOpmK3BkXHrFpAeDju3i9vgajjrVyi_l3eG3ED_yXf8QWqEW6P6euOz1t2Rxhdw&cid=CAQSSwBpAlJWXsPrXrnP1uHk0sbNFJT4_uWtaWa7O1SFii2nm3eilnN1l7htKh6fogXZqW78XTbLxEAqU82jGWmMU72mHCEQeQdmX-7WjhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.appopener.com%2F&ds=l&xdt=1&iif=1&cor=9049855347141974000&adk=497053795&idt=121&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e236dc3f67d9048dcc072cb35deb114fa4d3a980a870645b6ef7447aab8d82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40571
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FA03
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFC61MnteF1NGWDC05OWfVI&google_cver=1

43 B
273 B

52ms
50ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFC61MnteF1NGWDC05OWfVI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXp28uBlHmePvrQvatBNsYCQrWcYogoaMC20qhWxPoFFhintn5Mq1wXNzgZ6zVrXnQbuQ15b1dJdS8kVhqUP-pmKHvUIkGY7h0L4u_HFMBod4R5I31Yrr9O1oGndkaOkLdUAn75NDWHyJdRcnQqDh71KRWCdewcN2rN0czICgifB88PeGE
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFC61MnteF1NGWDC05OWfVI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame FA03 43 B
145 B 149ms
50ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXp28uBlHmePvrQvatBNsYCQrWcYogoaMC20qhWxPoFFhintn5Mq1wXNzgZ6zVrXnQbuQ15b1dJdS8kVhqUP-pmKHvUIkGY7h0L4u_HFMBod4R5I31Yrr9O1oGndkaOkLdUAn75NDWHyJdRcnQqDh71KRWCdewcN2rN0czICgifB88PeGE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame FA03
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEGS90Ez4EP-A8BbAozELIrg&google_cver=1

23 B
163 B

159ms
72ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEGS90Ez4EP-A8BbAozELIrg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXp28uBlHmePvrQvatBNsYCQrWcYogoaMC20qhWxPoFFhintn5Mq1wXNzgZ6zVrXnQbuQ15b1dJdS8kVhqUP-pmKHvUIkGY7h0L4u_HFMBod4R5I31Yrr9O1oGndkaOkLdUAn75NDWHyJdRcnQqDh71KRWCdewcN2rN0czICgifB88PeGE
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 08 Jul 2023 11:30:13 GMT
pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEGS90Ez4EP-A8BbAozELIrg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame FA03 23 B
163 B 254ms
75ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNXp28uBlHmePvrQvatBNsYCQrWcYogoaMC20qhWxPoFFhintn5Mq1wXNzgZ6zVrXnQbuQ15b1dJdS8kVhqUP-pmKHvUIkGY7h0L4u_HFMBod4R5I31Yrr9O1oGndkaOkLdUAn75NDWHyJdRcnQqDh71KRWCdewcN2rN0czICgifB88PeGE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sat, 08 Jul 2023 11:30:13 GMT
pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1475223/71249285/ Frame 3415 245 KB
74 KB 62ms
55ms Script
application/javascript 52.213.224.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1475223/71249285/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-5645705217995911&ias_chanId=1&ias_placementId=20111337730&bidurl=https://www.appopener.com/yt/oa2f72yep&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i8pl7-hAXT6krkmRkNGbnD
Requested by: Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.224.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-224-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 14384033f62ba73a7308974cb2c0214831ff95023d5898f227064492c8bec84c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3415 111 KB
39 KB 49ms
42ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 10:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 09 Jul 2023 10:17:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/ Frame 3415 11 KB
4 KB 48ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ct36zQkCFf4zYLkMkvSh2Oh0vu3SBMUucvXZ-PYEYdPYEaVh9lks5ZHoHjvIPhiytZVjAmQQVxSso_C7R_9yM5f83vvxOiYtS_RjKPPa2q7K1iD_bqzVHJ13bIrc59EY5f-RlC7xhyRN8Ms50yPqFo2Uab3fxREKdONZbMMFjPJn3hzoM&dbm_d=AKAmf-CT1CFZGt0muZd5rQvmEDpY9rOg8OY91Xcz6IuZ3glhyAqH85_pziZIjs_X_j-1OoUAhbZewvIfhfoT9IVu3OqiaVnNaSdqcbloBb5YtjFSi9V2WG5JIm5NApCke-W7utnRD7RHbIvQrAeJatrjkdjknfUm-oygk29cvoiGjTzSA5tGd49A7TyBGydpwXPoluSEKIaJTOMhBk4zxIO87CbKHtZYsge7EQ0CiDa1OphUAhLrA8TyFxh773YGfBYZYJ4q-bE0wTX5Og6Vk3J2uXUE_jsGxq89_VXD4ih0ATMsxKaKPpQlA_yCzKewIHfyyyE7ikTqPuySu1gHECp-iHEaQNAFAmCTdMnmD4-k1OWZ5zyWZZ1cZzKG2kPSo_2JNaspt4bAk3ehGEOTiqdz3CUfIOf9jwUSEaz6mCan95_JQ5P6Gl1Ow44FBw7g8HFjWAm9GbfDRwSGEOSfOtn86h3uLpKIaeIP64wzzvz-7QklrwpmJvdtF0cMljPP5nItLUvT1kbDlzoWg-CFms2an263qdB5AO8olG9HbtdfBCZolhim8rZ3N33GlogDPk4cQblFps2AlQJQSlDL3lpyjo41i93TFURXJ0LI89XREZzsUXf8DCbaEajnP9xcqoqH1ouHZBFqph0rrZTsmnZPD48QsIaaYaJmTRwyWoMXfbaf-nf2fVw1nNAEhkq-C4CNit5lM3vfw3tj2AkAxyA2dbi0kwpQF7yXhnSyq6_5DLRbCo9FGpuzFeZyMYems6sI1-7Ptd9p4c5PnReZ0IDd9o6-pWhCyQ5q89_N0M7QJsS0fd7AP7FlWRSDcjyyjUVOZ6cSekV55MbUqDyX-R-DkK6tzCTt7FQ_DoA85mrAdfbrA0g2OSaZAMy98r7rCWe4-urbD2s9m_ipv-IwRBUTknpskd2kTK-FCZwCrSIf_q0FACeXxGdED8-FXZ5PvLaDGA2d7JwurAvyf07puK3ALU9D661pFTO6HtPu0ItXgF-v8c0zG_LDzAyReJIXjXu1Fc-eOBGDPKCmkeSwbqbhHH3zS89Xre5yjibiU-NMPwR8ceScYdxnS3PxifZvy2QpFxJc8yEzvILT5AmfThCCEEz683sPMuQHeJf_njpK5VVBqwt_GndVsBG2cGJjtNP5e-OB444quaMmHt7unH-Q_Pxj1Rz2CXUrwPKQEgQuUmL89zRvYE4LpCuhYfB7LT2TaXO9RQV9EtfjT6asuMsYpLtVVszRXRKZcWryo4B6fJvGox6NH-Ar7yEaE_yJZh7n3uIBKGxWJeMawuXalVi9yPm7MM5Y8clauaNxag0yI1W8AgHQd2OjxP78p2B_KZJU4mUxLajUR8S1uOyUtH55WR4BgQPIF2du2y5wtKstvmF-GeDz6P9MElPu_V0mSZU4QA8AhkRegMaymvQHnJM9o0ubi4xyB9pYFtiblCSedvMI5rgyMGzgRCjZQMqgYrpfdzFyHM6kJ1CxQHgdEhmHmkF5b9tm8_iwyZ1G9JNu0NWFCR4L6cCuTYAskiIFndJ2cLLKXeamsIT2NaaRt-aPl849uIJgg6CF4k4u3z_AozhY7KABldWf9ZfSdClTdiQuih6jbbLo9mGjyA2FkJLQmirZOfklyVwq53E82piaK90sD2u6FBiCW_pfks4etB-Bbaia1a7y2JOZWFjxr8HxcSpg--gzjhv9bZxzZpWG8pLr3ZyU85FS8W8CkAhtr98H1mSoXaBo-UHc4M8Zxvlyt5C5CZsjuXHIhzULWFC8QQSEAcHgY9lfVEaY9F1LmFaVpUD4DTYdmAZPu6Jajxf0u25Eo-ZKNZsJ4zgmGz-fK7G3zsB_Nq8wOMh7lUcLzRQGNrY-sgKV6fsxX4YScozTNA7zHl9HrX5F6xgxp0ZickNxDvAgAeY1MRp9pNbrvv0os7yT-UOBGWQrXBhNRVmePCVD3IfueqJN4KYwNfNiVHOrkwEr0DP7eNMyjlRO0A08DTESS85YELyaGjNg3Ugcq0FXn8gcaOzz4U0T_-zGYJW_ILzbqKev_RFuX9bpiNXs5D4CpAs1FvkzcySN7LpHYBFro54JUpHGqgDLoijg5P6LqMu5sm-ib4d06MpsYL9fD62Xz6qO5_zucn7VGzgAHlqCWI3ZYARm--eSawus7eAuvAQ0xYcKkizrWNsvWyhFwwCUEcBbtTQTvKfbov1UaVofque8UFgec0MZAU_dbiZnfjzC2UyQrXA35oUr9bGFmP5HDrsxdJim9e3GZY8R8abSVSQ4hspYB34LeB8KwZL1ZO_uR-9r56xcdlSjUidDbJoTjeV2lXGIeo4zub6YIeGDB2QFIs22YKpl4pzhVQjEKIMpMhOsQuAfI53Kl0piX5T39lsbFDj1ZJtlysOXPgA12ZyvXDbsM5fNKBMUJgSSLnm27Y2hwPVl7B_Xo4g_T5xz7HVd0SMc-BiL_VYiMuTlP_gQQQ72k462bgTC-bPUPOTn11iF6F67Aak27us3eOsB0l9PNBTkLMU2C_9WRBVcirnayzcjFHX0iBLl2TiXJp9IhpZkJJSfExhhLZcSt-UhnCBVgW2zxAKdZCTeckhkmgG3FMQg-DN7CsjRzHIlpjp_g46JVmzX_fh7ks3seyHiRB4RLL70Hu_FvT7tvkRwzO0C_VhPEnnpKBVe2ilIbr7JLy8f3X4SOYhYwGCdB4rRk73GhO-E3A_8vUwHpc8O0dmxfVjUkBGRtjH4ZQFNmeNnNCg2EombJ_-mlQbgfUOA3-flZAzvKN6bXqIUDtgu6oDbIFNDKchp93JIeRdOzfCHW2GENb9IoEhFzy9BbJnj5HSECmsQ7EIhFbGRisjgwM5mPHyTPcQlW7bEbrO99oa0Y84QlWIxbdxrqFOfcrIskAxGQPc0yTAnaC6iqKAn3W5Puyn87UAZd0EDKoZcoC1YZf6iNdvmRHSg1bjYSzrPGndkEupv7s4JsxaJb_yE0SrQbxCr42gbK-fM2YFhFY8uptYDXKjqbWZGVoGihAc3AhioHpLaqFK58KmYKJjKPlkE92U9VeO1r8AvOVacRC_jT8zzjriacjnFsT7wLvEndg5lBYTYzC_Gi1TPd1NNp0647P9aKECKwWCfTKqt5Tq5Tr4HoDIgDNFikc9Q4GD2CuC7D6Aug2V5v18cTEmTX1xU0xdv1sniRlX9ot1kD6W0dRrHsq1Uxc70Sm5gF_0O2xsmzFicLWwLzM2uClNbRrGBVF5xaPFTflxF6AHeVH5apBbQ5JbYN8gZA_UrEaRglY7hEJSsL3yHjygCUsq9nNgW4_QGwr3GPaaGmXvywxurA0OAWllYMZkwdZsLuiesrYYDKXaRx5sB4Yzuql9gNRVKJhxZTJxg4bQ3Zi_PTu9COeDRren0zpRViFAdGJRdDP9hxr-RTPt-5usnbVgw010khwkzT0jbWMUfoUWPXuDxCpSaZRvHovxr1Vo8Od8UwCcvZIbLlz1Zg6KLvB22qEbr9rAHcisJ9XZVxeDr9tjSK6CiIDNlvSGKcSuR81fbHS1NJGF4cT-m9XOZyQxb-VeIU9Fu8umdQqVRJAQH6BjxKWMft5fRimrGXuO9LjfjAswAXPvntESs6hstgngDiQ0Vxq3qOpmK3BkXHrFpAeDju3i9vgajjrVyi_l3eG3ED_yXf8QWqEW6P6euOz1t2Rxhdw&cid=CAQSSwBpAlJWXsPrXrnP1uHk0sbNFJT4_uWtaWa7O1SFii2nm3eilnN1l7htKh6fogXZqW78XTbLxEAqU82jGWmMU72mHCEQeQdmX-7WjhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.appopener.com%2F&ds=l&xdt=1&iif=1&cor=9049855347141974000&adk=497053795&idt=121&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:16:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/ Frame 3415 30 KB
11 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230705/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 17:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 17:16:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3415 41 KB
13 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 337058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame 3415 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d16e1318fdc40f7f0be93a7be28239c61f9048837e8e71719efc2a282596929a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20DB 0
20 B 80ms
79ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=xEipZPrAN6efjuwPi82v-A0&p=ias&bl=1&twt=620&st=396

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 20DB 0
63 B 83ms
83ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEmG-sJeSsLXUeW8THBsrVabqexYMN2RAhWxPg3ezGic9A_uXmOmKgfWyNq78vryWrinWSMc2YYPgyJgTtPoHcaId_aMCVeG_uw7-5_s0FPxHXoFeAnqGaJNtK7IHQsncD2M-m6vBHoVyTp31G36iNw1SwVYlVb8xtRdiZMKEn&sai=AMfl-YRAQfYxYEPaCfJT7i3D9cWXdx9JdowGw2foUkS_bYcre-yB90R98ZQKex3cNkCfetNRHPzqMnCA_RaIWHsLe2I3gzosuO_iaT-9CJ_38mIf1D-ro2zvHee-KjbAcg&sig=Cg0ArKJSzL36MaN44egeEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 50D7 22 KB
8 KB 45ms
43ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 158243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:32:50 GMT
expires: Fri, 05 Jul 2024 15:32:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15425370921734795581/ Frame 612D 6 KB
2 KB 41ms
40ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15425370921734795581/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b314c94ba9fa92b1f0623856bc5bacb0662074f26aa4cd1fde2b50dd9dcd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 432777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2279
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 11:17:16 GMT
expires: Tue, 02 Jul 2024 11:17:16 GMT
last-modified: Tue, 09 May 2023 14:23:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3415 0
0 86ms
86ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4K_cC1ccey0NzOXUEcLgGkCI3GPcDXkdxkHZf247_dZv8uMJhiOf4ewDokuMpJnDkvlT0zynVeuhVHUdAACF7Lux0pmUQ3NqQcyPCEu75JMlqBjn7iXmfZaUJ5iCwVo8S6XUYqhC8MFXWsywiFloBCCrRv-h8ukFEZPXgYV4Gq1PyjUMuGt7_7wZbzawreAelQVMdlGJqOsnpyOA3WEgzoaRknr3aK2Bsw9JvJ6KdCCd1ythrouItH9bniT6vOaSXm9xUuvh8o42jn3Nrzn7BV4MecSaWixPLZXcoGIdoaw9pG9JuEZ4lqdxcxFu6PrD1wjZvKKpoH-dGsjHNEbeXcfZNY0MYMsfYk6ElYtJST4BV_422XEitmVEbuyfzc1pdEbyQxFJOcmKBz2Lq73yZOpQhRd_awLZQQGH3-cKG4TvH7EN2xlF7ddMHNsqrBEmk8GV2NtuknXJYupGKoJ078cFe7zoAj2r82f4qpTj0awmoDoJjm-Yi1GIPVPwWZgcqGHU33FqhZFBTN5o38sHurxiVMvRA6chEEo_d0I5CfHgQD09i-HdfLqyLb0MBZiqfjCARKKDs0yws8UxUCVK7KpNjDw7xZsi7odb6CRJJh_BTaYuiHwyHRIgr_tAadbNIobWwCs1O1JaYjRO63ovtOdLWW99X8V8fc6aMXoHiDQRgzOMjr0s23ocYllFeIquxD6ovaSqQS5pMAwSK8tiyvlG-K9f4gHZGuznR6Qbu9yrCzM0IzHdZ1OU5rZ6BsXfvUQQm4PiWXgGFst8kmkhRW-OO6WsPG9naoSI2lhMPZpVeklADsTXq71IrgBFIjSv3yJjRxHrVPhtzZ1Vs1ApkZ2F_Hy8RaG-10ckyJ3Of4HkdX4u6bNhhdLFVT2Yt7QBAKhWm8Y1PAOUnTnDBkfPWEc5AU1L3_HHhn8twNKdwbbu9ils3h6WJBs2-aAz4MA6FfuIOxAPPfZ53YBseue9M06iLOjwM1wt7Kz1IZqCcRodw98KrdInHs_swnIgsQriVhRZHz5Eock0YDZV7zuhh9tBdq5bmBLS1AMOAAu2ZnacplbUv2HgOqq2IL-QsSoDClA9g9U0z4duOS85t29HTueP12ws3qYe4tbWdXmNFBRwsofx-4EXKYofmOj-NRyTnK4ua_s5CwBEWx7dvkaoybznRgCfT42mx04HC5fn_zrTSGxxX9-VF1dj4_4ooBGdvWvVgSesBZ8ZZ30zk115fNixzG5pvwi3jDVBtXLKZ8MKg5MJfVfGZ-343fRO8LQsPizOs8FSSYdA&sai=AMfl-YSOHQfZUixLphDDoIW8Km0MWgjfOqsFog7_xUjml_VbLh-i28OwGyD9O67m0k3pGJ8KwbUC4YnBOE00-nMkoK80AOI8JCtfIS78KsKoRz-w3nmq9UGJM2VJjhX95Dw3ivVkAmQvNFGlSYY04AnD3WJ2YDtAKVsso3iIUj27B8oP7XGt7fH7UROSTAh8uPJWXroJARGqpcADsO-U2W0g4iH9f3dmPJoyVhJ_a2w7uHXCM5ezskOFBNSkgmo3Ayg8rC7C5a_PEqtyBIUL2STKvpbO83Zlo1yM&sig=Cg0ArKJSzL0dXsUajveZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=76&cbvp=1&cstd=75&cisv=r20230705.09053&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:30:13 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 3415
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1475223/71249285/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-5645705217995911&ias_chanId=1&ias_placementId=20111337730&bidurl=https://www.appopener.co...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

50ms
50ms

Script
application/javascript

2600:9000:2134:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7
Protocol: H2
Server: 2600:9000:2134:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 19:42:03 GMT
x-amz-version-id: SJLYBA351pqECJYqjJA4.3WvprugNKiT
content-encoding: gzip
via: 1.1 4bf67fa3f3c5285ab6c4bc6a5127ce32.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
age: 229691
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 05 Jul 2023 19:42:00 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: VD7mX0LIPpyeRNnkTvJOww3AnnZxJY4GB1-bztq4jhDpZMeMJ1343A==

Redirect headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame AECF 91 KB
23 KB 56ms
55ms Script
application/javascript 2600:9000:2134:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 03:25:04 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 4bf67fa3f3c5285ab6c4bc6a5127ce32.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C2
age: 8582710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: gE377fSh_KbKehuNQQ0Ej-gtEPurZWMh3tlK5bgpwUIGy15v4s-pLQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3415 43 B
215 B 119ms
119ms Image
image/gif 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=43ca3155-c051-ae1c-2df1-d20c0636f619&tv=%7Bc:hM4zX8,pingTime:-3,time:63,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B56~0%5D,as:%5B56~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpV2Vx+11%7C12%7C131%7C132%7C141*.1475223-71249285%7C1411%7C1412%7C1413%7C1511%7C1512%7C1513%7C161,idMap:141*,rmeas:1,rend:0,renddet:DIV,siq:32%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3415 43 B
215 B 119ms
119ms Image
image/gif 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=43ca3155-c051-ae1c-2df1-d20c0636f619&tv=%7Bc:hM4zXh,pingTime:-6,time:72,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpV2Vx+11%7C12%7C131%7C132%7C141*.1475223-71249285%7C1411%7C1412%7C1413%7C1511%7C1512%7C1513%7C161,idMap:141*,rmeas:1,rend:0,renddet:DIV,siq:32%7D&tpiLookup=ao:www.appopener.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 612D 236 KB
63 KB 50ms
48ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15425370921734795581/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:13 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sat, 08 Jul 2023 11:45:13 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/15425370921734795581/ Frame 612D 199 KB
37 KB 50ms
49ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15425370921734795581/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15425370921734795581/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab06507488ca1d4419bb16f8300295aec97f231938605b17537d661cf0503f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15425370921734795581/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 08:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37481
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:23:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Jul 2024 08:10:26 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3415 43 B
215 B 122ms
122ms Image
image/gif 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=43ca3155-c051-ae1c-2df1-d20c0636f619&tv=%7Bc:hM4zXG,pingTime:-2,time:97,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:348,beZ:349,mfA:352,cmA:353,inA:353,inZ:357,prA:357,prZ:372,si:379,poA:380,poZ:405,cmZ:405,mfZ:405,loA:419,loZ:421,ltA:445,ltZ:445%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:98,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B91~0%5D,as:%5B91~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tJpV2Qn+11%7C12%7C131%7C132%7C141*.1475223-71249285%7C1411%7C1412%7C1413%7C151.1475223-71249285%7C1511%7C1512%7C1513%7C161,idMap:141*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:32,sinceFw:64,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5645705217995911&output=html&h=600&slotname=6552881547&adk=3552395109&adf=2735220127&pi=t.ma~as.6552881547&w=227&fwrn=4&fwrnh=100&lmt=1688815811&rafmt=1&format=227x600&url=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688815811428&bpp=1&bdt=1223&idt=1&shv=r20230705&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a631f4aafc70d22-2213c3adb2b40037%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MbyOrlJppBt3WgQemANLs982f7M6Q&gpic=UID%3D00000c38a7b74a87%3AT%3D1688815811%3ART%3D1688815811%3AS%3DALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q&prev_fmts=0x0%2C1200x280&nras=1&correlator=6883907483760&frm=20&pv=1&ga_vid=971080236.1688815810&ga_sid=1688815811&ga_hid=614847232&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=87&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C42532316%2C44788441%2C31075885&oid=2&pvsid=3863357890557807&tmod=1934160056&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=iZ9PbHMfko&p=https%3A//www.appopener.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 50D7 37 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 06:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 06:25:48 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 20DB 0
0 87ms
80ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuA9JN27MKHY2Ebiga8baMGQMPT8kdAutP1ptsbCb6_Fsk_cIKCG2DQLY77WZXjeDvNOASD5sxh9H1ZcAogcSlH0JnfSIkhsgxjZgwT_5LDs1DfpNBRsi8V6nNu_UwfDDv2zOo2QPbCDfBBrKyMJAh0h6zVtUJY8n3RLU8NpxQ5hr869UcBJPhKp43-uq1Q6HBSibEElwU5ixcecebksc5vgrWT76Q9I_Y6BXxhJmowgrhuD5sM54BvcdPpRJwJJHx1pJ2obWDq8UiqPnf_Tf9HG7mhOOErWm0NgV_1d-KjHxGC7NGafQ-rm5mpdwxPa8ptCRAyiAcQM35_lNi4VVtYUxhm7qUL9ef-O9YkuAbaYS-Rkj8GPW3v9U2SIBVhSahyUBuC4psEahXFbj6-uP6ituNZ_-yHJ9lNy3GCaKLSH06qkA-WgssTTAMO3irgxUJJqtI3bVaUuX3lQDC5Zpc-gVJhihb_DBm9zp5oMB507Bvt3aH8zE7Cr3ht2GbMqSbHQvNEIiKgPoHQ3DBWNba5jFtXXmMw9CS0-I-MvMGrABhYIx7xanxoNbwsx2-E0N7PGIWa0McqM2FuajnirAgJ3jhsONSgBA0OkecukDV7x9rjjlNXhvVoQuN14mQkTi78Ltum2M2ycvqBOemnlrawwUL8htu6uwD5dnryNW4iVyf1QIbHU5zFnKUv8zZc-QNajlO-263v-Xf4gkYmDp5AacpoPhLDATgMmE0RP3aZXZ1AhBrdPrFwG5yM61Og9Smvveon4yN6tFbrVdXgNsRMnnTFCQqO2NXZzm8KaDDGR-wxT9-5MejPA2C4JQpSyuDhc1bcEjAam5qsorbmvevX2n2ALsSRVWEZPTv66az1ZocZr-AxHPKcqUP5UjAEKsGVpdBpnxi29yp3SxKmKNq1k4sRqDmTHZOK2UU_Ak8c6fL0H3ce2hgvBShbBC-krHfqF2bZcIFzy0XZBK2QF0hediNsBglyG9LBMg3FV_U7uUpEE8HC7fImGyvhd4ddcn_df7KQWDX5YrVkxQD7TQUx74myp4vH6UCkkZJSQAwy1JLWco2xKS-ByaV61Fph5hF4T_JXI7qvo3YMzBIBC7XmgpPeasH-GTCdiQ3tuBWOzpfP-diBHy4p5uTAebgWVum9BMJem4uIBNTWtRVOiOVWp9tmEkejpMgKjC_Zu617GnNA03bt4JtfVAjQ3EzrBm0c0J-z7NKhV5TXlW5fkSdpTDYuMF6525FfuqMnT9zmhtEIohXQBo-g1HXePcluIC5Tn7K4l2CzEPk&sai=AMfl-YRhsbF5miPfzFGmSN95mTQDzeCxJyXhx-pVyBpsDraDLn-zcVVOg4dzqCE7ntyVO6UzjzTUJvRovhKYJgjHpdWX2gwb23Rn-bqDLP8ArVwNfD68xGmfRH6MRt1izIAPu9ujD1SP23pLPb15nMlMGGFbx9itVU0H0hOW5jZtYc1C4TG3k0cJgnvUxpK7FWEfjQ8hGgTPHLSs_Q2-_dyQP8UHmMBGPLjxr2guQGsbom7OKIY9l-83cKic5kKcBsiAQPUsgbViT8A-HwuD1m0PBHJgKgZBofIj&sig=Cg0ArKJSzLcTDTOwuNCYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=791&vt=11&dtpt=575&dett=4&cstd=212&cisv=r20230705.37807&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Jul 2023 11:30:13 GMT

GET index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/15425370921734795581/images/ Frame 612D 0
0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3415 0
0 89ms
81ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4K_cC1ccey0NzOXUEcLgGkCI3GPcDXkdxkHZf247_dZv8uMJhiOf4ewDokuMpJnDkvlT0zynVeuhVHUdAACF7Lux0pmUQ3NqQcyPCEu75JMlqBjn7iXmfZaUJ5iCwVo8S6XUYqhC8MFXWsywiFloBCCrRv-h8ukFEZPXgYV4Gq1PyjUMuGt7_7wZbzawreAelQVMdlGJqOsnpyOA3WEgzoaRknr3aK2Bsw9JvJ6KdCCd1ythrouItH9bniT6vOaSXm9xUuvh8o42jn3Nrzn7BV4MecSaWixPLZXcoGIdoaw9pG9JuEZ4lqdxcxFu6PrD1wjZvKKpoH-dGsjHNEbeXcfZNY0MYMsfYk6ElYtJST4BV_422XEitmVEbuyfzc1pdEbyQxFJOcmKBz2Lq73yZOpQhRd_awLZQQGH3-cKG4TvH7EN2xlF7ddMHNsqrBEmk8GV2NtuknXJYupGKoJ078cFe7zoAj2r82f4qpTj0awmoDoJjm-Yi1GIPVPwWZgcqGHU33FqhZFBTN5o38sHurxiVMvRA6chEEo_d0I5CfHgQD09i-HdfLqyLb0MBZiqfjCARKKDs0yws8UxUCVK7KpNjDw7xZsi7odb6CRJJh_BTaYuiHwyHRIgr_tAadbNIobWwCs1O1JaYjRO63ovtOdLWW99X8V8fc6aMXoHiDQRgzOMjr0s23ocYllFeIquxD6ovaSqQS5pMAwSK8tiyvlG-K9f4gHZGuznR6Qbu9yrCzM0IzHdZ1OU5rZ6BsXfvUQQm4PiWXgGFst8kmkhRW-OO6WsPG9naoSI2lhMPZpVeklADsTXq71IrgBFIjSv3yJjRxHrVPhtzZ1Vs1ApkZ2F_Hy8RaG-10ckyJ3Of4HkdX4u6bNhhdLFVT2Yt7QBAKhWm8Y1PAOUnTnDBkfPWEc5AU1L3_HHhn8twNKdwbbu9ils3h6WJBs2-aAz4MA6FfuIOxAPPfZ53YBseue9M06iLOjwM1wt7Kz1IZqCcRodw98KrdInHs_swnIgsQriVhRZHz5Eock0YDZV7zuhh9tBdq5bmBLS1AMOAAu2ZnacplbUv2HgOqq2IL-QsSoDClA9g9U0z4duOS85t29HTueP12ws3qYe4tbWdXmNFBRwsofx-4EXKYofmOj-NRyTnK4ua_s5CwBEWx7dvkaoybznRgCfT42mx04HC5fn_zrTSGxxX9-VF1dj4_4ooBGdvWvVgSesBZ8ZZ30zk115fNixzG5pvwi3jDVBtXLKZ8MKg5MJfVfGZ-343fRO8LQsPizOs8FSSYdA&sai=AMfl-YSOHQfZUixLphDDoIW8Km0MWgjfOqsFog7_xUjml_VbLh-i28OwGyD9O67m0k3pGJ8KwbUC4YnBOE00-nMkoK80AOI8JCtfIS78KsKoRz-w3nmq9UGJM2VJjhX95Dw3ivVkAmQvNFGlSYY04AnD3WJ2YDtAKVsso3iIUj27B8oP7XGt7fH7UROSTAh8uPJWXroJARGqpcADsO-U2W0g4iH9f3dmPJoyVhJ_a2w7uHXCM5ezskOFBNSkgmo3Ayg8rC7C5a_PEqtyBIUL2STKvpbO83Zlo1yM&sig=Cg0ArKJSzL0dXsUajveZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=302&vt=11&dtpt=226&dett=3&cstd=75&cisv=r20230705.09053&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 08 Jul 2023 11:30:13 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3415 0
20 B 79ms
74ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=xUipZJipIuin9u8Posqo-A4&p=ias&bl=1&twt=312&st=140

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3415 0
26 B 86ms
82ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvVKIqfGR3jNp471lK4jKYZYI6XinLavigjdz5T-gHU3fuqA8dmnsUlbOtrwaOU_Xmxp3zUOq5LPElJN2Fw1nWmFk0_cDHP-BH0LrbLJX9N5_jUmFawuXS8s5ukgkawSm5bvYmX9rFjBNSuUWtAdmZtTWpwEy0Bnw_LogXZ9LfB&sai=AMfl-YRVllVmr7dYkNw-YUvLSTteB-yq5cZC9x3Ijvl0S9nQmi4J5JmpNM9G6XtGFdweemtiPY2Hvz0AwuBU8_dDK1xRiTVKoWEuWap20aUVsPnjFsbzoLld3L7wfGDkzg&sig=Cg0ArKJSzCF3mR1gvZxREAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 20DB 43 B
215 B 123ms
123ms Image
image/gif 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=627dbc86-4b88-c3ac-78f2-d11da0a30445&tv=%7Bc:hM4A02,pingTime:-10,time:563,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688815813970%7C%7C27d5875fe0fb2fd193fe36d9c7203fae%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C0267c24a7cdddb2f5705330bac6e7613%7C%7C1d709fea139c405883bcd3c5153888b2%7C%7C8e52e139ba7baa9750ce5eb5dc45f3e5%7C%7C701c77086951f30a660dc6f24c1a652c%7C%7C96df027d3da0f99d24be1a7472011a80%7C%7C1663701684%7D
Requested by: Host: www.appopener.com
URL: https://www.appopener.com/yt/oa2f72yep
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:14 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 95ms
94ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230705&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d9a62424d4fd5802a8eaecb615c45866da6ba6d89e0ebf43ff65becb64539d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11690
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3415 43 B
215 B 121ms
121ms Image
image/gif 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=43ca3155-c051-ae1c-2df1-d20c0636f619&tv=%7Bc:hM4A1x,pingTime:-10,time:336,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688815813970%7C%7C27d5875fe0fb2fd193fe36d9c7203fae%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C0267c24a7cdddb2f5705330bac6e7613%7C%7C1d709fea139c405883bcd3c5153888b2%7C%7C8e52e139ba7baa9750ce5eb5dc45f3e5%7C%7C701c77086951f30a660dc6f24c1a652c%7C%7C96df027d3da0f99d24be1a7472011a80%7C%7C1663701684,sca:%7Bspg:627dbc86-4b88-c3ac-78f2-d11da0a30445%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:915b:86b5:84d2:5bd7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:14 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50D7 0
20 B 81ms
81ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiC2fxUipZJipIuin9u8Posqo-A4AAAAAOAHgBAI&bg=!n5ylnMjNAAb90kgr3dI7ADkAdvg8Wqe7umEZfWyBJ2DtAtEJnPDCE18SlJpLmvlzSFm4H7T8TsOR7A0rQ6kzPw968CaQYCyT5T0CAAAAtVIAAAAHaAEHmQL1cVoAkmMKXzLaH6PA6v6fLjwMMiKmMOYtFFlWu8BsaZAGEW_I-Uvf3QDRNJz2w6XICZ0VSHaFiM4Ll9fxCGUb5P1IqPOTHkQppCfy-Z4SJ-vvjyAP6rvtCRKq0uF7kVW4zDnTkVaMAvvYmQmvk3_xoMwvpjC6jTlJrq3ZeXc8g0-0p1cioD8wJ3iVpwQSDPAjMIfXEnSYQAMIRmx2o_SkimzH8MmnoDsh-wOu_j-y4Ao69VSO-IymZnlKNYpDVBrqwggtZoYy3RklaPSweL4T8BrWQMQoqku_0uS1uvjx9CfelnINftdZyRyEdo9q1jmsEXu0UAhJgCTVCd9lur6QrbN0cg8el-r09N_LQzwzClOMgt3b9iCz-MmqiHHbG9aDC9i0uPn3-30VsnVUioE434iXEDgBRilsMQU1jNGdVHXL4bKQA1Tn0FJM0naIXFEym5KzwP3eVRBhceRggXajGW3NLJEYBBRmg_o12la3KlDvKk8Ak5GuvXxwwat0nKCXv96I1xlttONsinjpDy6tAGrBTd26JbSiNwPaL83XzbCA7bCjKk_oQoWDj1XCCq1fnrHlwYBmAimwTRtW4MsgsZUTeQoQpxy8B4A09-m_25CK09oCGDiHG37gxZwXk5zmNP-VvhiVmvXZAG-nwevYVbh4kKfhXZ31vFQ-IWpt4E5s0ZCs34LfswgwLoWOmzJENKuE7MSTX5XBkFK92DYD7B7z79-Lrit-f6rCOr8bEVPebErvf6OG1vertWNGGQ2B2HrQRzjYOy7Kvejp2IWLiVLqO8g6ZfVLwECQs7zhCVKsF95LCEhCfDa9NAgvYAEn6y7DyrAbBpcM1oyfmqxjYaCqMlRhOajONdiRHpCghB0Qo455_NoZop44IX4gH61hAcC9dEygZp7HGOJdrQM-6eDM5wJcbMyhX6kujAQV5gYOIXz1e_C32Irb0r9fXaKTqXM_bBBlWotXkZ1Tn6xOYUa4BKdo4QMtg3DvS0ECCw7F38VdOw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 11:30:14 GMT

GET
H2 200 index.html Show response
otpless.com/auth/ Frame 3BB2 315 B
774 B 597ms
588ms Document
text/html 13.249.9.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://otpless.com/auth/index.html?login_uri=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&sdkPlatform=JS
Requested by: Host: otpless.com
URL: https://otpless.com/auth.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-128.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8b24d02466fbbb294ec7295f27f40869e8ca1c3869c83c499fdf72ba0de40a0

Request headers

Referer: https://www.appopener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 315
content-type: text/html
date: Sat, 08 Jul 2023 11:30:15 GMT
etag: "54b7c3444a77c98a7b5b191d7cfdd982"
last-modified: Thu, 06 Jul 2023 10:19:08 GMT
server: AmazonS3
via: 1.1 d6b30cd44d0926586624a3163e9a9e9a.cloudfront.net (CloudFront)
x-amz-cf-id: _SzPuAuKMwZtgOX4Wu7uqrSg4-h5x2JZXMznWuv-Nq-nv5IE4Sv9rA==
x-amz-cf-pop: CDG53-C1
x-amz-id-2: MFcIQchDbUag0ylYx3/o724iFxc48TSDkpx5YwSc3gHdVqccyfO+G2kyKWVrAdww7k5OfT78bGNCSkGLZFQYnQ==
x-amz-request-id: QYRES7HN4C7BVQRZ
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9803 13 KB
5 KB 51ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.appopener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:11:45 GMT
expires: Sun, 07 Jul 2024 11:11:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F52C 783 B
534 B 58ms
53ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cd3eb85bf558c970de7d669b8baae72fcdccf221b8bd4ebabb05956955addb8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M0njsw-MDo6LhDThvXtj9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.appopener.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-M0njsw-MDo6LhDThvXtj9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 11:30:14 GMT
expires: Sat, 08 Jul 2023 11:30:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame 9803 37 KB
14 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 06:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jul 2024 06:25:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F52C 0
0 74ms
74ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230705&jk=3863357890557807&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9803 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lcPCxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 bundle.js.gz Show response
otpless.com/auth/ Frame 3BB2 310 KB
97 KB 610ms
610ms Script
application/javascript 13.249.9.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://otpless.com/auth/bundle.js.gz
Requested by: Host: otpless.com
URL: https://otpless.com/auth/index.html?login_uri=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&sdkPlatform=JS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-128.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bee3cbd9f0dfe3817c2cd962598a4b19940d497b09ec194d9c4b65732b0db64b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otpless.com/auth/index.html?login_uri=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&sdkPlatform=JS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:16 GMT
content-encoding: gzip
via: 1.1 d6b30cd44d0926586624a3163e9a9e9a.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jul 2023 10:19:11 GMT
server: AmazonS3
x-amz-request-id: 38KGYNE29ZTCZMVM
x-amz-cf-pop: CDG53-C1
etag: "f671d99eb91332acf79d217cc994b2c4"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 98465
x-amz-id-2: 6XVpJeSyoKCBVGU1KbqryL3/0CFyyWe13R6MJsAmkVCYsSH1XGxefiTG8vDX+90+e907h0ypXS7rxYyhgEZp3g==
x-amz-cf-id: Cy0NspMx-O7lNtYIzbzOyO3Jz5FCtznujIeA7tD4ta_vXWx0ZE3cqQ==

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20DB 0
20 B 76ms
76ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8338529967831&version=m202301230201&ct=76&x=1&cor=2034843905626090500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230705&jk=3863357890557807&bg=!Dg2lDVnNAAb90kgr3dI7ADkAdvg8WhxPMFoFV_TWW0TSIw7iQWn4coru3HkGpxP0vXVmVEE23MAv3ZPYCpJn3cPGCtc0xrnHXqwCAAAAg1IAAAAGaAEHCgBD7tTc3yPM8kqT7pAlftnv90pQetD3TVia0g4EJJs5eHwbSIGyuEYHIl15J4gZVseA8qKxi9-IQy9dnYYxwp5YW5TYfJkCqL846Kl9B9lBFSGet-QlR93fHCz_rVgNkwbsF0aUFPauytQ_9nSLTQwP1Ji_r82_w7ivAB7gRN516RJdO2kLEMk9O8yfycTdcKqmMj7VhK5vIr-ynQENFLzsVCZQW7HV1oNy1nQ0JZ3fHVM-6znwkJ71vKbnlQkPuqVVKRPpgSHplQI6bEh-zRCJbKHAe99HxStFV65LA7_s39gvtejUrxAMcYqTfZje7L-HNkZEmux0R1Ou1wixvstWqtvBlbGJPXQCvJ0p89vpcnpdGjI-SfxBBf7zvaME9Mad832oziWHlRUVkDf-H2M57GQTkEhFWUBnmQEK8O-h2P95mTIz2CenR9Ryq5v5_rM70rr7yKWMIX0sof3_JRyZ4MZP-ZMI3j-r95B7jJ8MtSR_sPEZq9Kxqn6FTt9bPAnTKhY7pw7ChtACLYUzZ0TEBoEqSo_BGfXiclue-6Pwy-J8YotCWdGQXlatcIqiFpxKIQbFK8jkKyq2ynZD-gWEh3Dz9BsH5v4rDpEg8g23d9pgLBbXE27KdL4dQP6Z_bMd0supnP2NFcoJ77Z5sNTvmC8TgXJapKU1i7RWqqueQHK01W5MdR4TrqlqUiy67MkS9q2IHmdYfg4ja3Uw9p1ec09UcMtPZkfqwlLhyimBgc20DMc19GSxL9fMWA0crLUsfKm71hO9VVScyycXdyWMqhUitBX32Zy1VOFtJJjp4auKZ7JbsQ7iHl68XGOjaIFYD8fCGWRT9S-guI3RX0Cf_zEaCSOYFI4mjpfncHj12ON4bM-1ODplpV-C8RPPdXc1jXs7-Uu0JrkMhIWQbvriC1qe_HpEXgdLXA61K01SNdaxPtV3Uiq33rB9FEfdTo64j8l0nSdsh8J8zQAolWH2SUiGBY749IbJ-48L2t7o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.appopener.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3415 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4560497476643&version=m202301230201&ct=76&x=1&cor=9049855347141974000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P7L1ZVNFSF&gtm=45je3750&_p=614847232&cid=971080236.1688815810&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&sid=1688815810&sct=1&seg=0&dl=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&dt=&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P7L1ZVNFSF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.appopener.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.appopener.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 state
otpless.com/auth/ua/v1/ Frame 3BB2 49 B
401 B 792ms
792ms Fetch
application/json 13.249.9.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://otpless.com/auth/ua/v1/state?loginUri=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&origin=https%3A%2F%2Fwww.appopener.com&deviceInfo=%7B%22userAgent%22%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36%22%2C%22platform%22%3A%22Win32%22%2C%22vendor%22%3A%22Google+Inc.%22%2C%22browser%22%3A%22Chrome%22%2C%22connection%22%3A%224g%22%2C%22language%22%3A%22en-US%22%2C%22cookieEnabled%22%3Atrue%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22screenColorDepth%22%3A24%2C%22devicePixelRatio%22%3A1%2C%22timezoneOffset%22%3A0%2C%22cpuArchitecture%22%3A%224-core%22%2C%22fontFamily%22%3A%22%5C%22Times+New+Roman%5C%22%22%2C%22cHash%22%3A%22def13a5c2bc2d3470397b00a3f89a64d2b7a2d8048d70578990b2fd1c1e0527d%22%7D&browser=Chrome&sdkPlatform=JS&platform=Desktop&metadata=%7B%22browser%22%3A%22Chrome%22%7D
Requested by: Host: otpless.com
URL: https://otpless.com/auth/bundle.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-128.cdg53.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otpless.com/auth/index.html?login_uri=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&sdkPlatform=JS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 11:30:16 GMT
via: 1.1 d6b30cd44d0926586624a3163e9a9e9a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG53-C1
x-cache: LambdaGeneratedResponse from cloudfront
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-type: application/json
access-control-allow-headers: *
content-length: 49
x-amz-cf-id: ifUxGk2KQc3b6sK459QOJzQ2144V_VB46qGiHE8V-2OP7QBHpYRRng==

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 26E6 42 B
64 B 77ms
76ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBKHumNjt7qIM0tS_iMScisPwNBWcFry2jNgAzUkTtqIfpuZv2oDHWcuCQSXBDCUowOtR_uvg8mIXsrwwzJ6tgfwT6Z-rQydbmhB3AtpsZiflSot_GVNM7BN2CGJ8yY-5yqpz2cFuIkOOI&sai=AMfl-YQfM1BoA2Icuydf3dObKFQ35xl6GYs5K1VMXv-hZ-GmzbPrdBRxwa8G9NDgS2u1do0hs4SGc7VNMIwA&sig=Cg0ArKJSzOq1ytRXnFdNEAE&cid=CAQSGwBpAlJWtNMKt2JIcQTBt2IjP5pRe6G4wqPaExgB&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2180,0,0,0,0%26mtos%3D2180,2180,2180,2180,2180%26amtos%3D0,0,0,0,0%26mcvt%3D2180%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2357%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D216%26dur%3D26965%26vmtime%3D2365%26dtos%3D2180%26dtoss%3D1%26dvs%3D2180%26dfvs%3D2180%26dvpt%3D2357%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642875681%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2180&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1688815813310

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Jul 2023 11:30:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ab0c1af5-b3a4-4161-b68b-da14cb057484
otpless.com/auth/ua/v1/merchant/config/ Frame 3BB2 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15425370921734795581/images/index_atlas_NP_1.jpg

Domain: otpless.com
URL: https://otpless.com/auth/ua/v1/merchant/config/ab0c1af5-b3a4-4161-b68b-da14cb057484?loginUri=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep&origin=https%3A%2F%2Fwww.appopener.com&deviceInfo=%7B%22userAgent%22%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36%22%2C%22platform%22%3A%22Win32%22%2C%22vendor%22%3A%22Google+Inc.%22%2C%22browser%22%3A%22Chrome%22%2C%22connection%22%3A%224g%22%2C%22language%22%3A%22en-US%22%2C%22cookieEnabled%22%3Atrue%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22screenColorDepth%22%3A24%2C%22devicePixelRatio%22%3A1%2C%22timezoneOffset%22%3A0%2C%22cpuArchitecture%22%3A%224-core%22%2C%22fontFamily%22%3A%22%5C%22Times+New+Roman%5C%22%22%2C%22cHash%22%3A%22def13a5c2bc2d3470397b00a3f89a64d2b7a2d8048d70578990b2fd1c1e0527d%22%7D&browser=Chrome&sdkPlatform=JS&platform=Desktop&metadata=%7B%22browser%22%3A%22Chrome%22%7D

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.appopener.com/	1970-01-20 22:28:31	Name: __gads Value: ID=5a631f4aafc70d22-2213c3adb2b40037:T=1688815811:RT=1688815811:S=ALNI_MbyOrlJppBt3WgQemANLs982f7M6Q
.appopener.com/	1970-01-20 22:28:31	Name: __gpi Value: UID=00000c38a7b74a87:T=1688815811:RT=1688815811:S=ALNI_MZxGGDqTNd8hoSNHUUsxjunAtcN0Q
.appopener.com/	1970-01-20 22:42:55	Name: _ga Value: GA1.2.971080236.1688815810
.appopener.com/	1970-01-20 13:08:22	Name: _gid Value: GA1.2.438133774.1688815811
.appopener.com/	1970-01-20 13:06:55	Name: _gat_UA-209168136-3 Value: 1
.doubleclick.net/	1970-01-20 13:06:59	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:28:31	Name: IDE Value: AHWqTUkLJ-AnEqB4pKVStumdJDZBK43jxSBIPzvpXKSN3xWPDLEBqael3iyxMDuy6tw
.doubleclick.net/	1970-01-20 17:26:07	Name: APC Value: Aa3gxNrrnvI79TbmJOb6jk_UEK3T5CQvDORTugnOWiy9RYQeTLqKnQ
.appopener.com/	1970-01-20 22:42:55	Name: _ga_P7L1ZVNFSF Value: GS1.1.1688815810.1.0.1688815812.0.0.0
.casalemedia.com/	1970-01-20 15:16:31	Name: CMPS Value: 3350
.casalemedia.com/	1970-01-20 15:16:31	Name: CMPRO Value: 3350
.youtu.be/	1970-01-20 22:42:55	Name: CONSENT Value: PENDING+256
.adnxs.com/	1970-01-20 15:16:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb<uxce9!@wnfH8K6pQK`!5=E<L5?%Lf67:Td3`jI'3[:+x]3jXe=O42+AU(HbZ.bNjbpRzqF1`b_0h*(a.7
.adnxs.com/	1970-01-20 15:16:31	Name: uuid2 Value: 974648856915448325
.casalemedia.com/	1970-01-20 21:52:31	Name: CMID Value: ZKlIxfYQq2JBVcKUJ6NGQQAA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 9ApeZs3xHHU
.youtube.com/	1970-01-20 22:35:43	Name: __Secure-YEC Value: CgtRZ0txd3VKM0NrRSjFkaWlBg%3D%3D
.youtube.com/	1970-01-20 22:42:55	Name: CONSENT Value: PENDING+773
.youtube.com/	1970-01-20 22:42:55	Name: PREF Value: tz=Etc.Unknown

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://g.ezoic.net/?ezjsu=https%3A%2F%2Fwww.appopener.com%2Fyt%2Foa2f72yep Message: Failed to load resource: the server responded with a status of 520 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
app-opener-api.onrender.com
appopener.com
bid.g.doubleclick.net
cm.g.doubleclick.net
code.createjs.com
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g.ezoic.net
gcdn.2mdn.net
go.ezoic.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
otpless.com
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-4g5lznes.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.appopener.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
code.createjs.com
otpless.com
s0.2mdn.net
104.102.35.84
13.249.9.128
142.250.184.226
142.250.74.194
185.80.39.216
185.89.210.122
2001:4860:4802:32::36
216.24.57.253
216.58.212.130
2600:1f18:1aca:4281:915b:86b5:84d2:5bd7
2600:9000:2134:9000:8:48e:53c0:93a1
2600:9000:225b:f800:2:cb38:840:93a1
2a00:1450:4001:10::9
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4009:818::2003
2a00:1450:400c:c07::9b
2a02:26f0:3500:11::215:14dc
2a05:d014:776:a63e:931e:6ac2:944b:f27e
34.98.64.218
52.213.224.28
74.125.206.154
76.76.21.21
76.76.21.22
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
04f16191ed39ab91aa0ac52a6cca338d1649f6abab32bd94aa1ed7592bc80ac6
06584179213ea118374e6d0594f1943e1ec68df0e2f32ec96cdd61f79ab4d575
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12321b9701eabdfbe8bae72b22a0e2a99252e478089d8f76cbb28f690f42b731
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13c34d9b94c98de8770dc7335f2a72719556882cb2d2513882884dbecd595f92
14384033f62ba73a7308974cb2c0214831ff95023d5898f227064492c8bec84c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18606380b7adcfaa93f3ae7e4675a05147b5e160f131ce8216df9f4c0ea55541
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1966dd5073c939fa8da3dd73ac944ba9baf5c7a17876785c51c8d517fd6cacc3
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e236dc3f67d9048dcc072cb35deb114fa4d3a980a870645b6ef7447aab8d82e
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2528f1592bd47881f4808eb2b6c7ba02009c06369e9857c9cc18885ee25809b4
291b29d3a269b8725f5090b24cd10bc1c750cbe4daa2c73b0fefe258740d6963
2bc6af15a42a7b6dd655abcc81821c3f0dd47f42aa391cfbf4aa8827ea970b89
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
2cd1b908881c4c36a5f30c066061598036c4f4391e77f649fd74f752d133f9ed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3a5fa3073b94aa8259d04802566504c897fd640610ea9f36654cfacc615f325e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3fab9ddc37140b5c1b8e627c18d7a5f42edd758ebb50afbe819bdec9441f2fb8
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
492d439aeb0d5cc4ae9a2dd15257cb489d9d77a561e8ca2d8e947512a16ae421
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548b3e4d3542b45ab7ec864aa5163ba6f8913f77928372f8488192e71c332620
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
599b855581647efab0543043d5371d41dd06f65389279fcc659efb941ae8fd1c
5d9a62424d4fd5802a8eaecb615c45866da6ba6d89e0ebf43ff65becb64539d5
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5e0fb52d8bc58008649160c6f8fd15a2166d1a0f688375d6cdd14ff4c8711fec
5f080724ed37598119610e9402e3573c0cc0bd4e7f49a00339ea74d2ab699715
5f2924abcf6a7d41a69ee5be6730bf978b8211fce681b156a4cd8c0dbe1812c1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
79c949d7d3d0ef76a5b1f708ea41fc3849c76b6ab4782e1d07eb81b7ebb89856
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f584b7cca7a794aae766ee02fbe80342614f4ac64635abc7f830896c8fd3850
82561a6070e70550144c036c6a68dc4fe4c034edad908b6c7620160e4c69b8e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856bf36e3d42cf8a25bafbabf4a8be2bb2227d23fcfd9b9c3e4061d622450db4
87c06811f18508d924fc1a2476ead130e981811864f2f0bab5014f87ac67f92d
8c76523f2e483b8a1a812c43fdd954ca64052ebff296e5e6365b9e8acc4d2a86
8e8ae888ecb9bdc3144eba768780ad741476aa4c6fecdd40b4e9d42c4f3c81db
919d1b4e3ccac45d8fe13f9baa9205f82384856e6e1a469c803d216edea245ee
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9e4a36ca2a4906da1df3a9e76673e165340ef29f119e4396106add36ff3f80b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58b32f70180e530dea9b5fe4be61c1dd587f775d6ca687f43c706feff870b42
aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab06507488ca1d4419bb16f8300295aec97f231938605b17537d661cf0503f35
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bee3cbd9f0dfe3817c2cd962598a4b19940d497b09ec194d9c4b65732b0db64b
cd3eb85bf558c970de7d669b8baae72fcdccf221b8bd4ebabb05956955addb8b
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16e1318fdc40f7f0be93a7be28239c61f9048837e8e71719efc2a282596929a
d3b314c94ba9fa92b1f0623856bc5bacb0662074f26aa4cd1fde2b50dd9dcd19
d5aa1cf69086039ddb8ec9eb33764e5b0235e20343171cf7baaaa2037b59bad2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de457d95cd3160c1e897470a21e96fb3b450adf6120e4dc87e1905b6620f9661
e28ccc91175311ddc6f472112f17acbb82692a7f383cf68fe40eed8a4522d7a1
e2977d08a3c9c3534ad6e4131ad9677797d6d9462e727faeb65a251c8ed5f275
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15c287012fc8c06cab5ffaa25399983e76937ba636af45083f3edab7739417d
f3dc495f120c7061acdfe18e280b9e514e778eee9acf8874beec79d15a49c50f
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1
f8b24d02466fbbb294ec7295f27f40869e8ca1c3869c83c499fdf72ba0de40a0
f8ce100e2132df55ad8e9fc5ba137fcff18d94f9043502618431e1d9889ecaa8
fcfab59e797148634c9c43e3112465d91899611c270e3c5acf3617802262260c
fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c

www.appopener.com Open in urlscan Pro 76.76.21.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

93 %HTTPS

64 %IPv6

21 Domains

38 Subdomains

36 IPs

7 Countries

1926 kBTransfer

9129 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.appopener.com Open in urlscan Pro
76.76.21.22 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

93 %
HTTPS

64 %
IPv6

21
Domains

38
Subdomains

36
IPs

7
Countries

1926 kB
Transfer

9129 kB
Size

19
Cookies

175 HTTP transactions
4 data transactions