urlscan.io logo urlscan.io
SecurityTrails logo

www.tw-giveaway-76.com Open in urlscan Pro
2606:4700::6812:7a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.tw-giveaway-76.com/
Effective URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl
Submission: On June 02 via manual from TW — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 91 HTTP transactions. The main IP is 2606:4700::6812:7a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tw-giveaway-76.com.
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.
This is the only time www.tw-giveaway-76.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700::6812:6a1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.tw-giveaway-76.com
11    2606:4700::6812:7a1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.tw-giveaway-76.com
10    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com
1    2606:4700::6812:1297 (United States)

ASN13335 (CLOUDFLARENET, US)
www.aanbiedingenkiezen.be
1    159.69.145.0 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.145.69.159.clients.your-server.de
twapac.mycleverpush.com
11    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)
api.cleverpush.com
21    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
31 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
371 KB
14 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 15933
api.cleverpush.com — Cisco Umbrella Rank: 18208
127 KB
12 tw-giveaway-76.com
www.tw-giveaway-76.com
153 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 51
111 KB
8 gstatic.com
www.gstatic.com
63 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 103
www.google.com — Cisco Umbrella Rank: 3
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
213 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 66
4 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8155
696 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1056
609 B
1 mycleverpush.com
twapac.mycleverpush.com
27 KB
1 aanbiedingenkiezen.be
www.aanbiedingenkiezen.be
60 KB
91 12
Domain Requested by
21 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 www.tw-giveaway-76.com 1 redirects www.tw-giveaway-76.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 static.cleverpush.com www.tw-giveaway-76.com
static.cleverpush.com
twapac.mycleverpush.com
10 pagead2.googlesyndication.com www.tw-giveaway-76.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
8 www.gstatic.com googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
4 fonts.googleapis.com googleads.g.doubleclick.net
4 api.cleverpush.com static.cleverpush.com
3 www.google.com 2 redirects tpc.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 twapac.mycleverpush.com static.cleverpush.com
1 www.aanbiedingenkiezen.be www.tw-giveaway-76.com
91 15

This site contains links to these domains. Also see Links.

Domain
trk.adstrck123.com
Subject Issuer Validity Valid
www.tw-giveaway-76.com
R3		 2023-04-28 -
2023-07-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
cleverpush.com
E1		 2023-05-12 -
2023-08-10		 3 months crt.sh
www.aanbiedingenkiezen.be
R3		 2023-05-20 -
2023-08-18		 3 months crt.sh
*.mycleverpush.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-14 -
2024-06-13		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl
Frame ID: 9069DDFFF4BE36192236E5F6C25272C8
Requests: 32 HTTP requests in this frame

Frame: https://twapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.tw-giveaway-76.com
Frame ID: FEEEEE1442BF2C668FFA60150D5C203B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html
Frame ID: 687A9D23FC68442A1988DE17C8A4B8BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2025979610086129&output=html&adk=2548858943&adf=2513742895&lmt=1685675448&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=https%3A%2F%2Fwww.tw-giveaway-76.com%2Fcgi-bin%2Fwingame.pl%3F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685675448434&bpp=5&bdt=185&idt=101&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3211955296192&frm=20&pv=2&ga_vid=1668573452.1685675449&ga_sid=1685675449&ga_hid=1587357246&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074580%2C44785294%2C44788442%2C44793497%2C21065724&oid=2&pvsid=3980374667526211&tmod=2086203257&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
Frame ID: 05290B6EF3F8EA8D894136C00BB2495D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Frame ID: E05F47610537EDEA203E0C01E2B7E2B6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Frame ID: B1ED017F5EE68EC45142BD302D3516C3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Frame ID: F6DBFA3FF93AB6BCBB48C54D2E1E2A65
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Frame ID: D67804BF2F883F27EF84D4501B11DADE
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9ACC4FB07B2B96B9FA162D77793D4424
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B37FF4A27764086334E6C8FF06B329E
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Frame ID: 60E538E3C81B65B8F965EACD526E7782
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B2DC24F542E48AD38CD9F88A12D339A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DCF308BA8C4176A7823F2BA97B2D83E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Frame ID: B18383C3175F225E528A6E5638132A5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Frame ID: 4E941F9F36A667E1C19ABB1E341E9599
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TW Giveaway

Page URL History Show full URLs

  1. http://www.tw-giveaway-76.com/ HTTP 302
    https://www.tw-giveaway-76.com/cgi-bin/wingame.pl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mootools.*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

91
Requests

100 %
HTTPS

94 %
IPv6

12
Domains

15
Subdomains

16
IPs

2
Countries

1132 kB
Transfer

3463 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.tw-giveaway-76.com/ HTTP 302
    https://www.tw-giveaway-76.com/cgi-bin/wingame.pl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 85
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

91 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wingame.pl
www.tw-giveaway-76.com/cgi-bin/
Redirect Chain
  • http://www.tw-giveaway-76.com/
  • https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb416340302678826f059738810dc1f13e87cf97350d6f897b7fe110bb41214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7d0c815c0fe9bba7-FRA
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 02 Jun 2023 03:10:48 GMT
server
cloudflare
strict-transport-security
max-age=31536000
x-firstpage
1
x-map-context
tw
x-page
pregame
x-served-by
a-04

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7d0c815bbca73820-FRA
Connection
keep-alive
Content-Type
text/html
Date
Fri, 02 Jun 2023 03:10:47 GMT
Location
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Server
cloudflare
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
URI
<https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?>
X-Map-Context
tw
X-Served-By
a-02
sweepstake.bundle.css
www.tw-giveaway-76.com/dist/50/ 		106 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/dist/50/sweepstake.bundle.css?2023-06-01.3
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec4a52854010047cf8fec387d15fe01a4e9680c79510e80a1aa1ab06b8402d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
a-02
date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 Mar 2023 09:35:05 GMT
server
cloudflare
x-map-context
tw
etag
W/"6422b4c9-1a822"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
7d0c815f8a58bba7-FRA
expires
Sat, 03 Jun 2023 03:10:48 GMT
MooTools-Core-1.6.0-compressed.js
www.tw-giveaway-76.com/_global/js/framework/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2023-06-01.3
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
a-02
date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
cloudflare
x-map-context
tw
etag
W/"5a059201-15e64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7d0c815f9a59bba7-FRA
expires
Sat, 03 Jun 2023 03:10:48 GMT
moolidator.js
www.tw-giveaway-76.com/_global/js/ 		42 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/_global/js/moolidator.js?2023-06-01.3
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e0ac8ce9eb8ef0cd02bba6f386d0485621e331a1ed34549f5e5c0be86ecc53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
a-01
date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 09 Mar 2023 10:32:23 GMT
server
cloudflare
x-map-context
tw
etag
W/"6409b5b7-a86a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7d0c815f9a5abba7-FRA
expires
Sat, 03 Jun 2023 03:10:48 GMT
moolidator_rules.js
www.tw-giveaway-76.com/_global/js/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/_global/js/moolidator_rules.js?2023-06-01.3
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1882617f2c99db327c697b10b3f518413f3d7deb012b2ce823fc20af965cd29d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
a-02
date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 27 Mar 2023 13:00:00 GMT
server
cloudflare
x-map-context
tw
etag
W/"64219350-6882"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7d0c815f9a5bbba7-FRA
expires
Sat, 03 Jun 2023 03:10:48 GMT
scripts.js
www.tw-giveaway-76.com/_global/js/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/_global/js/scripts.js?2023-06-01.3
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0277c1245f8103772c6a4a0a401df99e3bf8de48b79d3fc7689106759b80070a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
a-01
date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 21 Jul 2022 07:31:48 GMT
server
cloudflare
x-map-context
tw
etag
W/"62d900e4-dd9a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7d0c815f9a5cbba7-FRA
expires
Sat, 03 Jun 2023 03:10:48 GMT
global.js
www.tw-giveaway-76.com/wingame/global/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/wingame/global/js/global.js?2023-06-01.3
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15a0bb7454b1b68fb20219d5ae87839c10696d0b764ff38c0a26804cfab51e14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
a-02
date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 11:33:12 GMT
server
cloudflare
x-map-context
tw
etag
W/"616ffe78-1f2f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7d0c815f9a5dbba7-FRA
expires
Sat, 03 Jun 2023 03:10:48 GMT
series.js
www.tw-giveaway-76.com/_global/wingame/76/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/_global/wingame/76/js/series.js?2023-06-01.3
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03674e626537f4851c74eabfb08c48d6469d062e8ae82f15a47086009b83b27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
a-03
date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 Mar 2023 12:11:56 GMT
server
cloudflare
x-map-context
tw
etag
W/"6422d98c-2236"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7d0c815f9a5ebba7-FRA
expires
Sat, 03 Jun 2023 03:10:48 GMT
sweepstake.js
www.tw-giveaway-76.com/wingame/50/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/wingame/50/js/sweepstake.js?2023-06-01.3
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73308324f7bb3295b938b975da8b4e56e118149bd0d3f36c72c758b424e4bfdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
a-01
date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 06 Apr 2023 07:48:08 GMT
server
cloudflare
x-map-context
tw
etag
W/"642e7938-a89"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7d0c815f9a5fbba7-FRA
expires
Sat, 03 Jun 2023 03:10:48 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fad8d86b06b84502699c9d45c08dfe1453a9e23993a9c54ce43b80f98793b5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47698
x-xss-protection
0
server
cafe
etag
6793764020225027555
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 03:10:48 GMT
img-tw_7eleven_05.png
www.tw-giveaway-76.com/_static/_global/_supload/images/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tw-giveaway-76.com/_static/_global/_supload/images/img-tw_7eleven_05.png
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3ef65b3c66184f0039a1b2809f6ce293740b6f0044b67e316bdd96b6ce625f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Mon, 03 Aug 2020 03:57:13 GMT
server
cloudflare
etag
"3515868964"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d0c815fead7bba7-FRA
content-length
70149
expires
Sat, 03 Jun 2023 03:10:48 GMT
6h6jrWEtFkotoyjc9.js
static.cleverpush.com/channel/loader/ 		217 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/channel/loader/6h6jrWEtFkotoyjc9.js
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0628e739b4edd963323d3b68096df70096d8748e167c8f984de6d3bd363dafcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SMR744QZDVF6TS7Q
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nUumvs36YWMSMjHX8W9HJLu/zwFxhF/XN/IDdYMG+d0ugzs2KyUBfTYb8F/tK6aeveE23yHfNzI=
last-modified
Thu, 01 Jun 2023 00:06:00 GMT
server
cloudflare
etag
W/"b198900f765a835cf3bd1f33874f042a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Lfv%2BiqQtcNZ%2FrI2EaH9%2FFdaCoVkOcPiFZPlIlxQKE9Za9PLWReDlTQkpXtII5kPYOMNOs0W1MkkgKXijHB4NROIzhKTSe3lqXpzPHicPFfZHmoPvK674t2Vmb2h%2BC36WRpj2J6mnXJUrJJQxSpph2gQDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
7d0c81601bbb9b45-FRA
bg-tw-7eleven-02.jpg
www.aanbiedingenkiezen.be/_static/_global/_supload/images/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aanbiedingenkiezen.be/_static/_global/_supload/images/bg-tw-7eleven-02.jpg
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1297 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085aa66a1786382e0d4c397ea308872357ae536b0bfcbbc7e0b246f9611b304a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Thu, 02 Jan 2020 04:25:45 GMT
server
cloudflare
etag
"3501125208"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7d0c816049e60368-FRA
content-length
61619
expires
Sat, 03 Jun 2023 03:10:48 GMT
5.89dfd86a78af84e465de.js
static.cleverpush.com/sdk/chunk/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/5.89dfd86a78af84e465de.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/6h6jrWEtFkotoyjc9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11e526430b072c6eac93772fb48ded77d2219ac8a25b6494151a677b8809552

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6ZRCM5SF6SG8244B
age
41392
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
a2VF1tHOAVwpSMu71ZqJf2XspwCm4WkRmUHscCP1Uv/HgSJqK5aB0CkQwfHvgIet1/4VxgBdv20=
last-modified
Wed, 31 May 2023 15:35:29 GMT
server
cloudflare
etag
W/"768bc4fdc1160ef3c91eac2a25bcbc00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOzXy0wtFEXD2RX2RGSyOhrjruyDpmhNRqRnVpUN1byOZNpe7g3RHx9%2Bg7vJMAYzQPpE76lLgIfqKbSX6Zfu0JKgoYgNQm6v4YnuMb9dsEGcSf%2Bx4sYMtDV%2BwGrasTttvTiLtSdzI4vW%2BoImroQMd9nQiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
7d0c81608c3b9b45-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/6h6jrWEtFkotoyjc9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TC0WG1M8X8TRRBKT
age
40680
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
S/LmRIkMdcEsUbL0Vku0W1Zx10g83eccfqLjKoRr1yRrMpb35+x5NPRGlaRumv2Rg/k5E7x2Gdk=
last-modified
Thu, 01 Jun 2023 15:52:39 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx8NfuhILHH6%2Fy0XKG42s7aX3%2BnIf3s1Dl6cAnbTXKwcMZ4v7mgyBJNGnh79nRlPKzmd6UdZfIyQF2ApMmakBB7eDe%2FrnGaPpH5vo0uILoDw8uhxcqE1Xgypc3fBizxhUiDtUXzCRznaN2O2VRrwRS4Guw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
7d0c81608c3c9b45-FRA
115.1dfb03af147ab39880a9.js
static.cleverpush.com/sdk/chunk/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/115.1dfb03af147ab39880a9.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/6h6jrWEtFkotoyjc9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c4f623f3f92218fe79ab8706c288096af16027116ec962d93a9193329143e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WWQFY9S30B34MWGH
age
2182
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/2mDvRWIKGwokMqs554UumcEvgdIeBJv0ejj7lwWJNMXuzJAu8hYFc5oJeL6crpALKjxlRvBGVY=
last-modified
Thu, 01 Jun 2023 14:32:46 GMT
server
cloudflare
etag
W/"43d44b027d3792b00a3100c74ba89183"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btwQRCcoCyVEAk9EC1I9vCg70q1OWOP43SUksA3PSWdor1C7y8pwqy43RTW1dWqjdytinK33yAiX2J4GojOfIt1AW29v7B4vYgplBkdhSHftTc2SlSHtUcJ4YbL9WZKPc9MiBTCOro0PvQeLNJNvoGUUNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
7d0c81608c3e9b45-FRA
iframe
twapac.mycleverpush.com/ Frame FEEE 		71 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://twapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.tw-giveaway-76.com
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.145.0 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.0.145.69.159.clients.your-server.de
Software
/
Resource Hash
352e7c174c6c5456b7965960b7221929e07bdad8e076e09b5cd45af09687c2ef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.tw-giveaway-76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-3
x-cache-status
HIT
x-robots-tag
noindex
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 		351 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9421bd1509689f2fb128a19ccad028559ff84b30455d9f25d81c33c662c0dd86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120656
x-xss-protection
0
server
cafe
etag
16104208189451124514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 03:10:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/ Frame 687A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tw-giveaway-76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26441
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 19:50:07 GMT
etag
15057649708203361565
expires
Thu, 15 Jun 2023 19:50:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5.1539c97e88fcf8138514.js
static.cleverpush.com/sdk/chunk/ Frame FEEE 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/5.1539c97e88fcf8138514.js
Requested by
Host: twapac.mycleverpush.com
URL: https://twapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.tw-giveaway-76.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
681d36d986358fcd28ca96e50b1a5f2dea8641d95856c77b53d28f5490b6b3f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twapac.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YGT4HGE0T664RDK1
age
40640
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
OqCZYCAJ812LDz4aYvUqoLSNpsDeS2l5KckAmZBdTYEqZvBWitEyr2Y3N/IuRYuVc7zf8yrf9C4=
last-modified
Thu, 01 Jun 2023 15:52:39 GMT
server
cloudflare
etag
W/"0e2abea48837e279e26fb97a24fbbaf7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JV9SSpGhqahR0JAbdWX9pvIo0SvjZ%2F2Fle2zUrrTzTPlmM9DFvw8XBJskgAn20x9N5NLkqZn7eEOPk5fw6HeHwcsWuIT9m8a%2BMf4nUmovdgqBqdM3DfiuKHdqZckKAbzZUuCWnOZ4WLTuRa0WdeH3PkoAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
7d0c81614dbf3a5c-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/ Frame FEEE 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: twapac.mycleverpush.com
URL: https://twapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.tw-giveaway-76.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twapac.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TC0SYX9SPTM2C54W
age
40680
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oaCB2qadrXI5m20KYSeBTXx3i+n/hDUzXovGYXI9fqfGsH3/HTeBlvoBKK3y/5V5LeJuUQKvILk=
last-modified
Thu, 01 Jun 2023 15:52:39 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tn%2FixGwyylAGQgXb7IB2TIwYZjugu2tcaJlv%2Bn3iW6wesIY3nepuIthirQoO%2B2GfrecK22XSzPz16nXfX9kQctfktMtC18RpDOdcIfj2fmepseIXwsd7kB3JeNx66ABCJ3XSrUXHoJOIgeWNk%2FQi0B63AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
7d0c81614dc13a5c-FRA
818.a57bf931a2ae72731020.js
static.cleverpush.com/sdk/chunk/ Frame FEEE 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/818.a57bf931a2ae72731020.js
Requested by
Host: twapac.mycleverpush.com
URL: https://twapac.mycleverpush.com/iframe?origin=https%3A%2F%2Fwww.tw-giveaway-76.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828d061fc6ee4c45da4fa52015068c44230241d2a9977d85dc7480f106bb8562

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twapac.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HQANMFZPGHC30VD7
age
40436
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wur04zIIwX9HFvYhB0zpqQPmBpFC9OTeKJZAYIEi3ycGW9Kjo4Ly9hwiBIsbuTV5k5m+WGziUBg=
last-modified
Thu, 01 Jun 2023 15:52:40 GMT
server
cloudflare
etag
W/"1e706587e7b34208f748533f72fb63bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=223vBtmleLWPFO%2BPtVSmlo7eOH3cSgkUbxUJrdhxVfdY7EBPQItlnfWjdXMsmI%2BOjZhKaT3Y9OLGBSZXxfj3JzCvGhu22aJUWuEyr237BkvVluGbU%2F37Fu%2BzHRwDrmoUAg5Gh1LkBWEiTNg9jwCzoQKu0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
7d0c81614dc23a5c-FRA
cookie.js
partner.googleadservices.com/gampad/ 		403 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.tw-giveaway-76.com&callback=_gfp_s_&client=ca-pub-2025979610086129
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2f31a60fd08fa13e7d193f7eba1fe691ad36545a93c3ec41694047707f9d2c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tw-giveaway-76.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tw-giveaway-76.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0529 		522 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2025979610086129&output=html&adk=2548858943&adf=2513742895&lmt=1685675448&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=https%3A%2F%2Fwww.tw-giveaway-76.com%2Fcgi-bin%2Fwingame.pl%3F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685675448434&bpp=5&bdt=185&idt=101&shv=r20230530&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3211955296192&frm=20&pv=2&ga_vid=1668573452.1685675449&ga_sid=1685675449&ga_hid=1587357246&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074580%2C44785294%2C44788442%2C44793497%2C21065724&oid=2&pvsid=3980374667526211&tmod=2086203257&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=127
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4abac4600aa9f6f8e6b4207bee2f50686405118b20f8789cb12bd7951005197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tw-giveaway-76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
90076
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 03:10:49 GMT
expires
Fri, 02 Jun 2023 03:10:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
103.b10f0d46d101c9c5c7e2.js
static.cleverpush.com/sdk/chunk/ 		96 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/103.b10f0d46d101c9c5c7e2.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/6h6jrWEtFkotoyjc9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540457c838884f5699956bc3204f130c416959c862818719a002ed204cdc0d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TC0ZQC84XRZ54990
age
40680
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
duZO9M6ZiI1DK+mY5vpIe1gqgmbNbGAz3gKhDSPsQlv0U41We/5deh9VxRMWcvW3cGh83xie1+E=
last-modified
Thu, 01 Jun 2023 15:52:38 GMT
server
cloudflare
etag
W/"63e4acb5b8f0b10288e3e202c59b0bc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7c4aUbOjoQuGGeQDl1BxZgdZCvA5U3mlvZwtiU9paLEjfDpULmzzP%2BMLtHm10EJRLJST4%2FZnBzqE6U6U4UfkKC4ty0%2BP3Xp%2BygzSx2XDmlMFvjieUuGI6dovclLPxGE7gWrksxinj99gO%2FT9DDE3apt2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
7d0c81619df13a5c-FRA
720.55231f155181fb9d5879.js
static.cleverpush.com/sdk/chunk/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/720.55231f155181fb9d5879.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/6h6jrWEtFkotoyjc9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3214bb8ca6b5a5c57f5481943ca34d8fe577f53bc03d67ef33034b5717fb45f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WWQ66A36GC4NX98J
age
2182
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fSzAv6TKdLC0bUiTuVu9KFnaLFjrpoznouyNqJub0MKlZOuq0yq6+XwwSJ8jJRtglpMmCDniv3A=
last-modified
Thu, 01 Jun 2023 14:32:48 GMT
server
cloudflare
etag
W/"ae3c45e69dfb8733d7f5b5618fcd5210"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StqUTb0wuAUfq5D09MgWo5ECIEequz5vvfcLO0gjK1CMurKODt2CSRp6N0g9LApLYTgm7CSY79f7%2BCfXcnAExaVSS0kB3Tk22xUhW6enuN0ygeRkGP9X6wTS%2FaDi9QsxFeNgu9HSjOFVpnfDdGZCGlwfng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
7d0c81619df33a5c-FRA
optin-visitor
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tw-giveaway-76.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7d0c81621eb23614-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Fri, 02 Jun 2023 03:10:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NY1jpjGbigOtA%2B7jwuHAVY8qkVXb559GahAMDubi2cTQLHKfeiE08KxhH3PyMVagFrsg1sUreYMtVPPMqOCeoxAcW5x%2BkQPrjEx8OxzdT6faisSBK2T7%2FYGolVcZa2btHabHeuM2GgD%2BJ%2FUQEDIfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.tw-giveaway-76.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7d0c81621eb43614-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Fri, 02 Jun 2023 03:10:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IzzFIwedSsGcmpb0x3ArquYoUAm2zne4mPxxl%2F0xcALnU0EbpPEt7%2FCe5SPYPpkvFtPSK5rpd0Py6GdaV8wca3eiG0ndnRmEmjsy5faqZga%2FHl75vRmw%2B0XArgJPrgEc7lqhYYSJiTdAyEJ14euaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
optin-visitor
api.cleverpush.com/channel/ 		16 B
350 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/6h6jrWEtFkotoyjc9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.tw-giveaway-76.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-1
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8321oelQ5s5yHsb31Xa8NiBtxD0xPT3z6aFkCcPl8uqeNdzdpd7FNW7tVv5UvJxxVXiP0wX0p3yjwCJGjv%2FzXAkfLOIaEgHU0a9n3HjhaOEaXS4%2BsBaEobm1X9NiiQ7HgbrbK38ianhm7xXsDl%2BXkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
7d0c81624ecf3614-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
confirm-alert
api.cleverpush.com/channel/ 		16 B
316 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/6h6jrWEtFkotoyjc9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.tw-giveaway-76.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-1
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MArEx%2FpQorBbuSJTH7L0g73b96Cx%2F5b2YbAimOSGx%2FQI8couiHy2eesVzkERxM2vDfnYDxz%2FSyU90B%2FEaJDdqzmJomsKRcWw10dvxS8zwQ1R%2BiSRY8r%2BcP1Ig%2FXsg2fhoO%2FMTuEnahY3LYC7cNQphg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
7d0c81624ecd3614-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
global.pl
www.tw-giveaway-76.com/cgi-bin/ 		1 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.tw-giveaway-76.com/cgi-bin/global.pl?todo=log_misc&ident=cleverpush_show
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-map-context
tw
content-type
text/html
cf-ray
7d0c8161dc48bba7-FRA
x-served-by
a-03
d4R2zsD4QNt8aHGS4.png
static.cleverpush.com/notification/icon/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cleverpush.com/notification/icon/d4R2zsD4QNt8aHGS4.png
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9dd2b94a3ff115cb7475222f18127dbf181da22ca662f7721b69a231d60c3da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:48 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Oct 2020 14:19:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
4M4VZYRJBR8DFHJF
etag
"971cc209e2a268d6a0c46f9159caff90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lin1ZRq%2FtsAAt8Kdl1mPmtn36kk2Oym%2BN81R4dieyJ6xCFXCXhVxdi4dnsSWu8%2FDxgJ16zSIt5U9Vd9f17RWmMzSEtaWb1NAqwMASfyzu6oSuADrm0O29mVEB7eIZ9iD9TSMIWZrEes8FK8Xt0yuqd3z%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
7d0c8161de0d3a5c-FRA
alt-svc
h3=":443"; ma=86400
content-length
5014
x-amz-id-2
JFH9y8m/bShr5BPW7lhN6UWR5bsKRHqMoGPUJCRDUy2hXXcVi1hdTUOMijFcQsS29mSLq5TzORU=
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230530&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c7cb4468343be5d2778b9f7e02480d01b88cc6d41b9f92020277fe9bb41d282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11185
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 		152 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e82cbb583531cb4fcb958dbc9991369a56a4be5ec484caa603aaf8e28d2294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52792
x-xss-protection
0
server
cafe
etag
7368158975144481535
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 03:10:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 02 Jun 2023 03:10:49 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tw-giveaway-76.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tw-giveaway-76.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/ Frame E05F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tw-giveaway-76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 22:07:58 GMT
etag
15057649708203361565
expires
Thu, 15 Jun 2023 22:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/ Frame B1ED 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tw-giveaway-76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 22:07:58 GMT
etag
15057649708203361565
expires
Thu, 15 Jun 2023 22:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/ Frame F6DB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tw-giveaway-76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 22:07:58 GMT
etag
15057649708203361565
expires
Thu, 15 Jun 2023 22:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/ Frame D678 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2025979610086129&plah=www.tw-giveaway-76.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tw-giveaway-76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 22:07:58 GMT
etag
15057649708203361565
expires
Thu, 15 Jun 2023 22:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame E05F 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Jun 2023 03:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 02:58:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jun 2023 03:10:49 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E05F 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 22:59:04 GMT
x-content-type-options
nosniff
age
15105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 31 May 2024 22:59:04 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E05F 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 00:33:12 GMT
x-content-type-options
nosniff
age
9457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 01 Jun 2024 00:33:12 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame E05F 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdb8889029e112e6178e400c7b7b4b900ca01e12f08089e994a055236b4b74d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 14:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
47305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5756
x-xss-protection
0
server
cafe
etag
6942144704403180717
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 14:02:24 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame E05F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 14:02:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
47305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8300
x-xss-protection
0
server
cafe
etag
2697337515266134059
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 14:02:24 GMT
css
fonts.googleapis.com/ Frame B1ED 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Jun 2023 03:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 02:57:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jun 2023 03:10:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame B1ED 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 19:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
26438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:50:11 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame B1ED 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 19:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
26438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:50:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame B1ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 13:23:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
49620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 13:23:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame B1ED 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
25430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 20:06:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B1ED 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54276
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685532878231373"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Jun 2023 03:10:50 GMT
0a0369f67a094afc57e3321b90807283.js
www.gstatic.com/mysidia/ Frame B1ED 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 17:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13649
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:52:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Aug 2023 17:15:44 GMT
css
fonts.googleapis.com/ Frame F6DB 		4 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Jun 2023 03:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 02:24:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jun 2023 03:10:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame F6DB 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 19:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
26438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:50:11 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame F6DB 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 19:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
26438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:50:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame F6DB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 13:23:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
49620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 13:23:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame F6DB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
25430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 20:06:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F6DB 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54276
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685532878231373"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Jun 2023 03:10:50 GMT
0a0369f67a094afc57e3321b90807283.js
www.gstatic.com/mysidia/ Frame F6DB 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 17:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13649
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:52:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Aug 2023 17:15:44 GMT
ef33bde3b6f53b5d50fc677805f1b9fa.js
www.gstatic.com/mysidia/ Frame D678 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 09:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3674
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:52:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Aug 2023 09:26:39 GMT
0d45a8785eb2baeb4eb1c97aee3191c6.js
www.gstatic.com/mysidia/ Frame D678 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d45a8785eb2baeb4eb1c97aee3191c6.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9308b705d2d0ac6c12ed564db32be5b6db776e14ceefd8c7f16c947e65db6b0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 05:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3912
x-xss-protection
0
last-modified
Sat, 27 May 2023 00:00:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Aug 2023 05:27:29 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame D678 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 19:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
26438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:50:11 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame D678 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 19:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
26438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:50:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame D678 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 13:23:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
49620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 13:23:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame D678 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
25430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 20:06:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D678 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54276
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685532878231373"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Jun 2023 03:10:50 GMT
0a0369f67a094afc57e3321b90807283.js
www.gstatic.com/mysidia/ Frame D678 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 17:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13649
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:52:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Aug 2023 17:15:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9ACC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tw-giveaway-76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 00:01:37 GMT
expires
Sat, 01 Jun 2024 00:01:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7B37 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6765fc169cf72072733541f5723537f9b7a0eb3c45c2228e238b37663a685f7f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FRG5mcLb-FMZ7hWRMVd7kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tw-giveaway-76.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-FRG5mcLb-FMZ7hWRMVd7kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 03:10:50 GMT
expires
Fri, 02 Jun 2023 03:10:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
pagead2.googlesyndication.com/bg/ Frame 9ACC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:40:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 May 2024 05:40:51 GMT
css
fonts.googleapis.com/ Frame 60E5 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Jun 2023 03:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 03:02:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jun 2023 03:10:50 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 60E5 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 19:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
26439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:50:11 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 60E5 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 19:50:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
26439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8798
x-xss-protection
0
server
cafe
etag
11317101923912129037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:50:11 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3B2D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 02:10:53 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 60E5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 13:23:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
49621
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 13:23:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 60E5 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 20:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
25431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jun 2023 20:06:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60E5 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54276
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685532878231373"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Jun 2023 03:10:50 GMT
0a0369f67a094afc57e3321b90807283.js
www.gstatic.com/mysidia/ Frame 60E5 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 17:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13649
x-xss-protection
0
last-modified
Mon, 22 May 2023 16:52:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Aug 2023 17:15:44 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D678 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ct64IuF15ZPaZJNPCgQes-5uYCqCos8VwyrbjwvANpOfy7ZUCEAEg0MStZ2CV0rSCwAegAYD06f0CyAEBqQLQ8SGefHVhPqgDAcgDwwSqBN0BT9AgfdBm5oGjNWZiBZlQeluVD4j5057-LYIexumwXXJjF9bh2Vc5ScoBsQR1tl049EAie_3tsNnFLVv-0lefTaoN3ClgQzEOiNhjj8T2QnjtbM2BIruMdHB2parE3CbpSFn9eG2HLELOF8C_XAgfJmjq6DLpp7rn7elK8TEd1IoWEcAt71EqF0JA2sUQo9DjvDPqdBoYipA9cxB09sVy8dFaEU2SHobefjb3I5j5N0s-PvB6yibjCXJ0htT9bC6hHX3__qGm8X3firmjCXppU5jpqeMNk2N92FzghpTABMfVjJXlA5IFBAgEGAGSBQQIBRgEoAZRgAfoi5aCAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJyiJNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItMjAyNTk3OTYxMDA4NjEyORgA&sigh=pVHl-AZNZsQ&uach_m=[UACH]&cid=CAQSGwBygQiD-3RAwwRdfOrXWG6WAOAplmkAI1dlOhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 02 Jun 2023 03:10:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Jun 2023 03:10:50 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DCF3 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 02:10:53 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D678 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f21650e7cc83876f638747f9770d4ef422ed3337b9155a5ea2f1c041bc25fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 7B37 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230530&jk=3980374667526211&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3B2D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 03:10:50 GMT
expires
Fri, 02 Jun 2023 03:10:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 03:10:50 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame DCF3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 03:10:50 GMT
expires
Fri, 02 Jun 2023 03:10:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Jun 2023 03:10:50 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
pagead2.googlesyndication.com/bg/ Frame B183 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:40:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 May 2024 05:40:51 GMT
9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
pagead2.googlesyndication.com/bg/ Frame 4E94 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9rqtaVZiiC_7YLKwh7YBfT4gwbCPSzX7QNXGZKOGVto.js
Requested by
Host: www.tw-giveaway-76.com
URL: https://www.tw-giveaway-76.com/cgi-bin/wingame.pl?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:40:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
77399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 May 2024 05:40:51 GMT
generate_204
tpc.googlesyndication.com/ Frame 9ACC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2m3bxw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 03:10:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230530&jk=3980374667526211&bg=!jo2ljdnNAAZu7ficTu07ADkAdvg8WuGzo0XLB0AXASsuKg0jzcV2K51eOwz6QieN-4Zq0cQInMY-kzlCQCYxREvlJpBnRi5PngUCAAABCFIAAAADaAEHCgBaaTlStlLKp5Z0wNvU12qtLWl68MdEpjqWy7b9B4T4UzVlqrcup9dyrVbyKrOtIefo_LZu4-tpZEE9nnpKnQcizDPAvEanWEb3AjH9-8aQ0In5nNWxXLW2BSxAmQLqRl8plSwnRsmdKcga13vNHVZvN82ZhDU4kYezVvsfcIffRt-SpNQNr0p2Y88XFqP0k3Bej-F9262v4Iv4HQW1aIukfrZ4jJWxi9ITItTs829XnRoZqCEq-KX27Vt7oJeDc8WYYetjD8ZwZBTDBKzss3zERxH_gkNiriPeNucZHghPIOZRd1bcBqYPfBkOZL9t2w80Keqd1XfuEgFmpomB0JltCwQ7VVlVImasRRZWxQirZodVjW_NY-31jBB6MTZKE54yy-KlFPaFLOZsWgU7EFWFGXQYqmXnONBEtPjVXfEqSnlURvLRE-XnH0Qm7pNQA5OEn99O_xj0bVwcT0K3x5yzL5hapc35nQuohE2dX799BzCX6PLG5gyyD9ySR1IdxNgSkVQ3-ZWs6UHdcVGdNXAxTAr-HHma27uvaTiQ2vFp0yY139i5OTD94qUCocLnpxCGlXvFk7fqD05QcGjjYmycc0QEPjxhy7sFji6u_4YbJ_4ouudb9Is1thSGT10E8iFDaYyYTKeKWwfS4ETgiuRNYQqm4rmNlA5dTWh6U_xHbM6SWSElnbRJTcTbY-lDvKxi1-Dobfz_5IyWQd45UJrKxevikKLeRuatpTHQNrHZtQuJq5g894WfyKUOeApEEFEpVyMRfaN0PNGa5xKRg3VVlD37fpS4LQbU_JT5aTo5olI79HnEXod3IEZEiom8tMGxebHUIWfaG-lndx9odaCaLygEo3jSvS0c2Biz5A8wrJ0g-mFKKjpGHWpStcJuQhktpIJfnHknn9QF8SrxMAWkOL0Q8qnCbRQKs6tkm-urXo_FIs19UkqzesnrwWJAZNQQ7_hnL0RH0oXvar8PBokjMCBNatiZCpFm_AYLdR4hHvDUGkv61ZiZPozFdbEXb6XhMa1Vzsjd6i-ElqEDJb0F6uOXDZYUKD4Z6iYVHtDTHzQ4G8v1zUpSHQ3rLexLJw1RZAHZZjstvv8e29Pe1CzfpZBelrjhbD4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tw-giveaway-76.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame D678 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSK6jlqX6_44ahjefkd3U8s_w6_jam_xWjBFVVG95vOpoaet4-kUb6riMM6rzZYs8eiPVfzT2GfI6z8LR1HZCAnDK_xNiDZG7PEUFmQDwKxMnVw-UMzsKogMzbkV1BKzecIvi64A&sai=AMfl-YQIO9xnnoc31doojm5OvAJcRYaOsaV1BvVCWPx6RbDGi6PVMzCteE7Uw1AQ0Vre1aczZQzZ6LtZK6QJ&sig=Cg0ArKJSzKCoG7RmsnMrEAE&cid=CAQSGwBygQiD-3RAwwRdfOrXWG6WAOAplmkAI1dlOhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=92,774,1000,1033,1033&tos=92,682,226,33,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2548858941&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685675449907&rpt=339&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 03:10:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless object| onbeforetoggle object| onscrollend string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type function| Moolidator_Lite object| moolidator_lite_rules string| mooli object| moolidator_lite_countries object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log string| winnerH1 string| winnerImages function| writeImages function| addOption function| activateDrop function| deActivateDrop function| deleteOptions function| fillDistrict function| fadeIn boolean| page_submitted undefined| field_validator string| current_page undefined| scroll_position_x function| iframe_selector function| open_iframe function| open_layer function| initialize_quiz function| initialize_selectedPrize function| add_pop_iframe_closer_events function| setFilledClass string| sponsor_switch string| sponsorlimit object| POPUNDER string| context boolean| cleverpushId object| CP object| CleverPush function| cleverPushInitCallback undefined| dccBts object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp number| c2 number| c1 object| GoogleGcLKhOms number| google_lpabyc object| googletag object| google_image_requests

4 Cookies

Domain/Path Name / Value
.tw-giveaway-76.com/ Name: __gads
Value: ID=8578bfd306ed663f-228362a4ffdd0094:T=1685675448:RT=1685675448:S=ALNI_MZDpOFfrW6peUTpAvvY12cv1VGcAg
.tw-giveaway-76.com/ Name: __gpi
Value: UID=00000c2ad50d1685:T=1685675448:RT=1685675448:S=ALNI_MbuXFGXSesA1QS5-AwjzyaiEmm1Ug
.doubleclick.net/ Name: IDE
Value: AHWqTUmDFTelvlJmKqUUAWIOdjbT2cmykmNsL7gN0RusGFOqbYIAxkjqZ3sX8Azydus
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=2548858943&client=ca-pub-2025979610086129&fa=3&ifi=3&uci=a!3&xpc=chV4GBTMoB&p=https%3A//www.tw-giveaway-76.com
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.cleverpush.com
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
static.cleverpush.com
tpc.googlesyndication.com
twapac.mycleverpush.com
www.aanbiedingenkiezen.be
www.google.com
www.googletagservices.com
www.gstatic.com
www.tw-giveaway-76.com
159.69.145.0
2606:4700:20::681a:e1f
2606:4700:20::ac43:47b8
2606:4700::6812:1297
2606:4700::6812:6a1
2606:4700::6812:7a1
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
0277c1245f8103772c6a4a0a401df99e3bf8de48b79d3fc7689106759b80070a
0628e739b4edd963323d3b68096df70096d8748e167c8f984de6d3bd363dafcc
085aa66a1786382e0d4c397ea308872357ae536b0bfcbbc7e0b246f9611b304a
15a0bb7454b1b68fb20219d5ae87839c10696d0b764ff38c0a26804cfab51e14
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1882617f2c99db327c697b10b3f518413f3d7deb012b2ce823fc20af965cd29d
24e0ac8ce9eb8ef0cd02bba6f386d0485621e331a1ed34549f5e5c0be86ecc53
29c4f623f3f92218fe79ab8706c288096af16027116ec962d93a9193329143e0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ec4a52854010047cf8fec387d15fe01a4e9680c79510e80a1aa1ab06b8402d0
2f3ef65b3c66184f0039a1b2809f6ce293740b6f0044b67e316bdd96b6ce625f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3214bb8ca6b5a5c57f5481943ca34d8fe577f53bc03d67ef33034b5717fb45f1
352e7c174c6c5456b7965960b7221929e07bdad8e076e09b5cd45af09687c2ef
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
540457c838884f5699956bc3204f130c416959c862818719a002ed204cdc0d07
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eb416340302678826f059738810dc1f13e87cf97350d6f897b7fe110bb41214
5f21650e7cc83876f638747f9770d4ef422ed3337b9155a5ea2f1c041bc25fe9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6765fc169cf72072733541f5723537f9b7a0eb3c45c2228e238b37663a685f7f
681d36d986358fcd28ca96e50b1a5f2dea8641d95856c77b53d28f5490b6b3f4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73308324f7bb3295b938b975da8b4e56e118149bd0d3f36c72c758b424e4bfdb
7c7cb4468343be5d2778b9f7e02480d01b88cc6d41b9f92020277fe9bb41d282
828d061fc6ee4c45da4fa52015068c44230241d2a9977d85dc7480f106bb8562
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
9308b705d2d0ac6c12ed564db32be5b6db776e14ceefd8c7f16c947e65db6b0b
9421bd1509689f2fb128a19ccad028559ff84b30455d9f25d81c33c662c0dd86
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
a3e82cbb583531cb4fcb958dbc9991369a56a4be5ec484caa603aaf8e28d2294
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9dd2b94a3ff115cb7475222f18127dbf181da22ca662f7721b69a231d60c3da
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
c2f31a60fd08fa13e7d193f7eba1fe691ad36545a93c3ec41694047707f9d2c0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdb8889029e112e6178e400c7b7b4b900ca01e12f08089e994a055236b4b74d6
d03674e626537f4851c74eabfb08c48d6469d062e8ae82f15a47086009b83b27
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11e526430b072c6eac93772fb48ded77d2219ac8a25b6494151a677b8809552
f4abac4600aa9f6f8e6b4207bee2f50686405118b20f8789cb12bd7951005197
f6baad695662882ffb60b2b087b6017d3e20c1b08f4b35fb40d5c664a38656da
fad8d86b06b84502699c9d45c08dfe1453a9e23993a9c54ce43b80f98793b5f8