ipa.tweakdoor.com Open in urlscan Pro
2a02:4780:b:653:0:31a8:9fcf:2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ipa.tweakdoor.com/
Effective URL:
https://ipa.tweakdoor.com/
Submission: On November 19 via api (November 19th 2023, 4:38:23 pm UTC) from US — Scanned from DE

Summary HTTP 187 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 187 HTTP transactions. The main IP is 2a02:4780:b:653:0:31a8:9fcf:2, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is ipa.tweakdoor.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on September 28th 2023. Valid for: 3 months.

This is the only time ipa.tweakdoor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 65	2a02:4780:b:6... 2a02:4780:b:653:0:31a8:9fcf:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
20	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5 29	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
43	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7 8	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
10	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
187	11

65 2a02:4780:b:653:0:31a8:9fcf:2 (Phoenix, United States) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

ipa.tweakdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	tweakdoor.com 1 redirects ipa.tweakdoor.com	842 KB
63	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	889 KB
29	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	290 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	118 KB
10	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
8	google.com 7 redirects www.google.com — Cisco Umbrella Rank: 2	955 B
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	509 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	7 KB
187	8

	Domain	Requested by
65	ipa.tweakdoor.com	1 redirects ipa.tweakdoor.com
43	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
29	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
20	pagead2.googlesyndication.com	ipa.tweakdoor.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	www.googleadservices.com	ipa.tweakdoor.com
9	www.gstatic.com	googleads.g.doubleclick.net
8	www.google.com	7 redirects tpc.googlesyndication.com
8	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
187	10

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
ipa.tweakdoor.com ZeroSSL RSA Domain Secure Site CA	`2023-09-28` - `2023-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://ipa.tweakdoor.com/
Frame ID: 8D7AA114D99C2436539A1CBCADEF4AC5
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 14519C3CA3EC743C760D3DC4AF48D80B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&adk=1812271804&adf=3025194257&lmt=1700411897&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897727&bpp=2&bdt=681&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2640641370451&frm=20&pv=2&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: 0C89E6E3D5EA9FA676CFD721EC6BA50B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257
Frame ID: 89816DC4F360C0D6A5F740134D2BCF7F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260
Frame ID: A6182AAE366A9E6A8F615993A1BD9062
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=6512142923&adk=2308485010&adf=1613454706&pi=t.ma~as.6512142923&w=280&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=280x600&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897731&bpp=1&bdt=685&idt=260&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280%2C880x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=262
Frame ID: 149EDAD5E543B1C1992B8E84E8239E0D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=3132389021&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897731&bpp=1&bdt=685&idt=265&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280%2C880x280%2C280x600&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=2288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=267
Frame ID: 183044D8C91F3E55B70A9AD565B63084
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 353C0D8D33080F7F99C9FFC2040BC9AE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A6E341116861ADFD874556757AF4B2BB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 1459372AB4F2FE42DF175C0F2455308B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 4199A8D8E8532A29FEB73F4A61A9F60D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E862CC37C4CCB72B21C3E8126DB8F27
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 639B262F6BB3030D2C21734DB7A03486
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B5EDE6BE54C544A2FDD16EE7FCDFA224
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: CBC8F13A93DA10BFB1D66D823C134611
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 5DA2FEB8CC8E23F377183A2850F75136
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BA25155CE2C7797D73585505E7301DAD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3330FA73BD05197C43F1AD7F71C7CBE8
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C4DAECADAA232D2578889454F82A0075
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CD947BB4E0313B79C69FC1A54B9629BB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 487C7304E37C331027045CA384E724EB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 7B355040A9D905B9678384E4FA5C3910
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: BD204A850B33F69444B803871950FFEC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 8BB439147F9A958864658C3783DE74EE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 836616DA4998C1B0088BB472CAD91B63
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 30618402DB6E6D824B7D403D13BDAAE0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: CF97B0BCB59700C4BB971F4CBC6FD26F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C3830AF3AB6B3E578CDD742BDB6B506
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2BADA20496E9AFF070BEFA5B0555DE86
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tweakdoor IPA Library tweak jailbreak sideload videostar

Page URL History Show full URLs

http://ipa.tweakdoor.com/ HTTP 301
https://ipa.tweakdoor.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

187
Requests

97 %
HTTPS

90 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

2655 kB
Transfer

6508 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/hadoiz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ipa.tweakdoor.com/ HTTP 301
https://ipa.tweakdoor.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 42

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce3Nh-jlaZZ_hCYGggQOw-r6wAuLqwoN07--w880S5br2sZEOEAEg_fzbKGCVqpSCoAegAfrWzasqyAECqAMByAPJBKoE0gFP0LcjC_LVvJl6EY7-OMlv2dakhrcRHIvXfFa_BJnSJXd27ewYAGaHg5RpG_CH3-p6_Gx5qCEzkF_pL8WHzCBd3wdhxwV1SiYcNRZfLN45RRiDn_-tYAu4wRCoN0LH_bBsGe_Zx9r4Y8jHDX7TmTNU09nqskKhXxmTVbUHXKm0fjffnDAhkXZCfSzo1kd3y-73V8taGs6Gku-YWsDtt3zPdWDbzKL3CSQmVbcd3QA5CiQN3ZBgiUYpt_mdOyBD51vsq1jhlCy-MJ-OKSTbqOj3kJfABKeg6P28BIgFt_2MnE2SBQQIBBgBkgUECAUYBKAGAoAH-o6eiwWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCNkwbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkjaHR0cHM6Ly9nYW1lcmFyYS5jb20vY2F0ZWdvcmllcy9ob3SACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItNDQyMDMzMjYzNjA1ODUzMBgA&sigh=QA2F2nJBLu8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNPvpxEMQ5PLYC9dxlFFxJ1YMHUTiPYu-3bHjIzDumGDhByXLr19VQrTjcakqEIMTIJFxE9KlSSlPn2_sbqa0oXbu_yDjXqFHCNhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215063153138840218463%22,%22debug_reporting%22:true,%22destination%22:%22https://gamerara.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211365739386%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211168431122379367505%22}&andc=true

Request Chain 46

https://googleads.g.doubleclick.net/pagead/adview?ai=Cny1F-jlaZcOpCe-Cs8IP3eGRMOLqwoN0l8Ky880SwI23ARABIP382yhglaqUgqAHoAH61s2rKsgBAqgDAcgDyQSqBM4BT9DQAVdDgTobw38IkXSj7AEGxLBsiuHGRKPDLDEVw84s58YvB8Q0IofoE8OGMABOp52rBqlDjijEm-NI4hRd0NklT-tF2_aV_Sd3mrQIft1Gz43VV1ZrZQQoeWjirkPAvuWJE28jaCYYO-rvIPavmaBuoC1qlQzG4_ddgFCtdNziYHvOcoluvSzqGg3Bo9XSuG5iyofE6IZrC4-GMHbVcbgDs8EYYkE4JfC_x1Z9VqMqBT7bI_mYsWsfoc_OBezQhHzDVc3EmaVE1SoeqRTABKeg6P28BIgFt_2MnE2SBQQIBBgBkgUECAUYBKAGAoAH-o6eiwWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDVmgXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkjaHR0cHM6Ly9nYW1lcmFyYS5jb20vY2F0ZWdvcmllcy9ob3SACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMM0BUBgBcBshccChoIABIUcHViLTQ0MjAzMzI2MzYwNTg1MzAYAA&sigh=XYZEn3gexSk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNYKabUjhNvlFXBkNCnU9O_Jfg7Bi05APjWrnxDCtrU5lhOVIVBp4o3_wBvom25DgtuiFYjUvoRqFdlp7c5RCIv9SwZwomAV0FUFoYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214151558123692139954%22,%22debug_reporting%22:true,%22destination%22:%22https://gamerara.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211365739386%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229877226351594309633%22}&andc=true

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://googleads.g.doubleclick.net/pagead/adview?ai=CjGae-jlaZe26CYf8gAObw5CICuLqwoN0odKgk68SwI23ARABIP382yhglaqUgqAHoAH61s2rKsgBAqgDAcgDyQSqBM4BT9Cfiez2hFWxsMvV20RkMy3WsV7Jh1h8dEqKtpNCpoRHzAV2DU1cU2kFGKXj9FOY5_cbm3WXc4ECKJZYiQLMepP38sfkaD6ISlp9CgatxwdufwVxCL9o5wQQa9iJbm-Xl-3tSNthI2u3NHRyJpjzuley1SFTsm-oB03BhP_m_SBuvrGlH5PWvkmJMihNoF03O_z4-XWmz_ZvbYY0dzUbzLiWh-4KP_EYm1m_Jj4PZSyUjAag--rlXxje9n9prrkFZx4wgGs4ak5y043pFkbABKeg6P28BIgFt_2MnE2SBQQIBBgBkgUECAUYBKAGAoAH-o6eiwWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD02SbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkjaHR0cHM6Ly9nYW1lcmFyYS5jb20vY2F0ZWdvcmllcy9ob3SACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItNDQyMDMzMjYzNjA1ODUzMBgA&sigh=heCphWLxL7o&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNRp3m4QOOAdIJLT8JrEWLiUr_j8Ju65ZOxwcVTPaoPZ84d2C6BZdZMtCB-MK8nUrV06DgtjysyFfbocbp91ozRLtPd0QgMJl3FfgYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216494607154478111006%22,%22debug_reporting%22:true,%22destination%22:%22https://gamerara.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211365739386%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217664026876144831953%22}&andc=true

Request Chain 121

https://googleads.g.doubleclick.net/pagead/adview?ai=Co5wL-jlaZdCGCYWggQOX8KHoDb-7rKN00LXiks0QvJ3pxssdEAEg_fzbKGCVqpSCoAegAZ6-oZgCyAEJqQImacesD1CyPqgDAcgDywSqBNIBT9D0_MTZ1ghqhljb45HRV3vUzGo3LoVnBS67WxjpMQ7_3HMaFzU40u51wQnqzvXsVemdWWMyHp0g3ttpcVr90jkIuOcwLhbf7tebT0fyTNgU_M_wml0Ynre1obVLXeSVMIRs2fApDueCJwqf2ZnKJI9CEmMpb_RxbXrmcbEST-d4UrzJVDz6s6V7uHiUJ74coBxaLGSy1ZDNgzYwBDa1-bUSLDYQCeoTROl6NaI6imGuwn0TjhO0uOLgPXWarkojmvuLQa_FPEqPVutADvJuD04HwATWvMzypAOIBefG7dQqkgUECAQYAZIFBAgFGASgBi6AB8rB3ucBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQuNoZ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJI2h0dHBzOi8vYXBwc2lsbGEuY2x1Yi9hcHBzL2ZvcnRuaXRlgAoByAsBogwQKg4KDOS0sQLutbECtbixArgT5APYEwyIFATQFQGAFwGyFxwKGggAEhRwdWItNDQyMDMzMjYzNjA1ODUzMBgA&sigh=IClrvlftC8A&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNshGVoOcjEbjNIBj1czbyhOwx8JRszV4HV6yQwRZD4eTx288xpK5OOVWtY3zXTCNBVgc8b6O_iwG9i178ykQaWmUWNIVJ2mp_BBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217479279657034790320%22,%22debug_reporting%22:true,%22destination%22:%22https://appsilla.club%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22587751198%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221248946143407459633%22}&andc=true

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://googleads.g.doubleclick.net/pagead/adview?ai=CexRH-jlaZcDzCNmD7OsPvOy3qAHp0-GndL7ZmK6gEmQQASD9_NsoYJWqlIKgB6AB3fCqwCrIAQGoAwHIA8sEqgTrAU_Q89EUer_uFAceFOaGjzdmauPwiHa5TImwE9_8KoizQVICBXyB_CfyjQ1W_Mup3IdAklSFPwQqBuIjaebhh0sHeyG7FaX-hsR36kyCZdNgI-QAzPDVhry4HG16V05kznzegwAw-I0_lcufYlkH9m3wcZVBVPN1Gd2zawsjNxunJt2Xflo95EfqkSps3UVllOrmqrXuoGDzRnDGvybbJNbhV6nqEdUNK5WGPOXpW8cyd8nL5-w7gpDPU1NI3Yak0CpuQ-PQO_QVwD2R-ghhTOXHTE1oQhlaNnNT0v077wFoNRNNdsoIHRKGBl_ABITBpP3XBIgF4orxuk2SBQQIBBgBkgUECAUYBIAH3aj7nwWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC5oxzSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgmOAWh0dHBzOi8vcGRmaXhlcnMuY29tL2Rvd25sb2FkUGFnZS5odG1sP2NhbXBhaWduX2lkPTIwNzkzMDE3Njk4JmFkZ3JvdXBfaWQ9MTYxMDU1NTgwMjkyJnBsYWNlbWVudF9pZD1pcGEudHdlYWtkb29yLmNvbSZjcmVhdGl2ZV9pZD02ODE1MTk4ODA5NDmACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMC0BUBmBYBgBcBshccChoIABIUcHViLTQ0MjAzMzI2MzYwNTg1MzAYAA&sigh=bUD8119dAFo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNIleJ6iy0q7ICeeHhr5_T7vA_AgCbp1oI_sMKq39WeFZrnZfO_VqtWMYGOWNYue_uVfKe8F4JbdMLA7uICF3tgoBXfgRPdQuzlhgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212583028892090528714%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222298263513410325393%22}&andc=true

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

187 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ipa.tweakdoor.com/
Redirect Chain

http://ipa.tweakdoor.com/
https://ipa.tweakdoor.com/

79 KB
13 KB

506ms
204ms

Document
text/html

2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.18

Resource Hash

ab9426bbfd8ea6a00891d85c6b7e28547d232914db9479d55db8b874ca5c311b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, private
content-encoding: br
content-length: 12075
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 19 Nov 2023 16:38:16 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.18

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sun, 19 Nov 2023 16:38:16 GMT
location: https://ipa.tweakdoor.com/
platform: hostinger
server: LiteSpeed

GET
H2 200 bootstrap.min.css
ipa.tweakdoor.com/css/ 152 KB
20 KB 145ms
143ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/css/bootstrap.min.css?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "260c5-65155728-4cab9a7c79ad0d76;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 19817
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 app.css
ipa.tweakdoor.com/css/ 26 KB
5 KB 146ms
145ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/css/app.css?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

eee417ee99f1a73567d08d79d1e0d901cce908bec497cb0fc382cd3c2b49ce14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 26 Oct 2023 07:44:36 GMT
server: LiteSpeed
etag: "68b1-653a18e4-ff1626c512b1d68e;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5513
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 custom.css
ipa.tweakdoor.com/css/ 693 B
255 B 147ms
145ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/css/custom.css?t=1

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c759a15390ed6d6d6bfa2542be22475b823e63dc2f8e7de8f458a53061fe7adf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 04 Nov 2023 13:10:51 GMT
server: LiteSpeed
etag: "2b5-654642db-d3bec20571c26eac;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 170
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 jquery-ui.min.css
ipa.tweakdoor.com/css/ 28 KB
7 KB 147ms
146ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/css/jquery-ui.min.css?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

623a95a16385067fbfc665978493f51d9ec6321f59d5b7cb680e40d2bc50c500

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "70c0-65155728-604fbe9973bceb6c;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 6664
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 flag-icons.min.css
ipa.tweakdoor.com/css/ 13 KB
991 B 147ms
146ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/css/flag-icons.min.css?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

128535ea5fb3b801c2f81aeb7e29b5fd5e83063387c404f8f4c822625452fb7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "33fd-65155728-dd154f3a5f2922b9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 927
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
ipa.tweakdoor.com/js/ 88 KB
29 KB 273ms
273ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "15e40-65155728-9c083d6533afba7c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 30069
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 js.cookie.min.js Show response
ipa.tweakdoor.com/js/ 2 KB
825 B 274ms
272ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/js/js.cookie.min.js?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "695-65155728-e2f90a98f9c7162c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 762
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 notificationManager.js Show response
ipa.tweakdoor.com/js/ 3 KB
838 B 274ms
272ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/js/notificationManager.js?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

98222a0a01a9fa39ae88596af06ed4256cdea294ef74dcc687d7e415c3d0ad66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "bec-65155728-9fa8786bdbe018de;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 775
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 other.js Show response
ipa.tweakdoor.com/js/ 23 KB
5 KB 275ms
273ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/js/other.js?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

185dec3874616d86c743f40ae6aff4a13640cd7dbea31ff026c1d2872bcd843b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 26 Oct 2023 07:44:12 GMT
server: LiteSpeed
etag: "5cb2-653a18cc-42402522ef1445e8;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4803
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 swiper.min.css
ipa.tweakdoor.com/css/ 17 KB
3 KB 273ms
271ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/css/swiper.min.css

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5d615e73b54d44e013c1c2fe0b9d4782bccb2120f4a5bd46a08dbf18b16dbc15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "4553-65155728-a67cc9778b6bfb01;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2605
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 120ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4420332636058530

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0155bfcc40d7732affece19b0225b8bfc41e4c94e7cd3555f88e23ffc9429e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Origin: https://ipa.tweakdoor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52754
x-xss-protection: 0
server: cafe
etag: 13898275143350601511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:17 GMT

GET
H2 200 pixel.png
ipa.tweakdoor.com/images/ 95 B
163 B 274ms
273ms Image
image/png 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/pixel.png

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "5f-65155728-fc641acb42ef4fff;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 95
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 swiper.min.js Show response
ipa.tweakdoor.com/js/ 120 KB
29 KB 274ms
273ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/js/swiper.min.js

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

efac6fec2ba437b6a906e249fad9de3c7d3c105a48136b0155376b5989c4d76a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "1df6f-65155728-be4517a2dd95077d;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 29539
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H2 200 jquery.lazy.min.js Show response
ipa.tweakdoor.com/js/ 5 KB
2 KB 145ms
145ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/js/jquery.lazy.min.js?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "139f-65155728-9b7d6bb4a18450ba;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2205
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H3 200 jquery-ui.min.js Show response
ipa.tweakdoor.com/js/ 249 KB
63 KB 345ms
343ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/js/jquery-ui.min.js?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "3e46c-65155728-3ea427c9f21f7dbe;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 64834
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H3 200 scripts.js Show response
ipa.tweakdoor.com/js/ 10 KB
3 KB 144ms
142ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/js/scripts.js?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

21c0dfdd59c8cce83daccd7b9442306a474a26512a5ba6327fa6e2586d12422f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 26 Oct 2023 07:44:12 GMT
server: LiteSpeed
etag: "273b-653a18cc-3c95669be9b15499;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2662
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
ipa.tweakdoor.com/js/ 77 KB
21 KB 144ms
142ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ipa.tweakdoor.com/js/bootstrap.bundle.min.js?2.1.0

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "13397-65155728-c9881f47ae76c2c5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 21446
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H3 200 us.svg
ipa.tweakdoor.com/flags/4x3/ 4 KB
700 B 152ms
151ms Image
image/svg+xml 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/flags/4x3/us.svg

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/css/flag-icons.min.css?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e5db71b4c3ecbaa2a634d0d638c1bd3aa61f7e5884d3d1466f030a4f181cd563

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/css/flag-icons.min.css?2.1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 10:36:24 GMT
server: LiteSpeed
etag: "116a-65155728-630de69958e4ff9c;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 634
expires: Sun, 26 Nov 2023 16:38:17 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 89ms
74ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4420332636058530&plah=ipa.tweakdoor.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4420332636058530

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d55468d9492599129405adc78ef898282c6b51708d20a545140f4a18e6edd23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138531
x-xss-protection: 0
server: cafe
etag: 9067463768857064846
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 1451 9 KB
4 KB 35ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4420332636058530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 21:57:20 GMT
etag: 16674218716276178799
expires: Sat, 02 Dec 2023 21:57:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C89 661 KB
112 KB 1449ms
1448ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&adk=1812271804&adf=3025194257&lmt=1700411897&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897727&bpp=2&bdt=681&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2640641370451&frm=20&pv=2&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4420332636058530&plah=ipa.tweakdoor.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0cd67d08c676268ad43edac4ed3be4d9986f1b2027cec186d388ae94b7ab458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 114521
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
expires: Sun, 19 Nov 2023 16:38:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8981 117 KB
39 KB 1438ms
1438ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfc507f5b3af678bad83d42bdc9b614dc323f720e36ab7d87209bc917dfd3951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40172
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
expires: Sun, 19 Nov 2023 16:38:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A618 102 KB
38 KB 1681ms
1681ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

264b020a4040e9cb6b275e143e47d2fb49e6513b42849617582c3bfdac00750d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38442
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
expires: Sun, 19 Nov 2023 16:38:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 149E 101 KB
38 KB 1088ms
1088ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=6512142923&adk=2308485010&adf=1613454706&pi=t.ma~as.6512142923&w=280&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=280x600&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897731&bpp=1&bdt=685&idt=260&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280%2C880x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=262

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f5eda1a4065a14ba7dd3f825b7c62421a37b920a2f1ed099f77c147772d7158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38349
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
expires: Sun, 19 Nov 2023 16:38:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1830 130 KB
41 KB 799ms
798ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=3132389021&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897731&bpp=1&bdt=685&idt=265&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280%2C880x280%2C280x600&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=2288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=267

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0ca82385f4786d495e701a38ce30d252c1a8bee6b39e481b053bb8d8ba4c8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41657
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:18 GMT
expires: Sun, 19 Nov 2023 16:38:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9136655641074812088
tpc.googlesyndication.com/simgad/ Frame 1830 84 KB
85 KB 80ms
15ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9136655641074812088?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk92ADHtwgs6Y67VB9DVvX5b_BlAA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=3132389021&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897731&bpp=1&bdt=685&idt=265&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280%2C880x280%2C280x600&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=2288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e1b2e4e13236b86639b0a147a6d427dfb2f5133e7ff30d504a7b55c99c7c9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:24:07 GMT
x-content-type-options: nosniff
age: 216852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86392
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 03:06:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 04:24:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1830 23 KB
9 KB 74ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1830 3 KB
1 KB 66ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 14:28:54 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 1830 67 B
196 B 79ms
15ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 04:10:08 GMT
x-content-type-options: nosniff
server: cafe
age: 44891
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Mon, 20 Nov 2023 04:10:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1830 20 KB
9 KB 63ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1830 202 KB
64 KB 76ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1830 36 KB
15 KB 79ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 16:55:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 353C 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=3132389021&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897731&bpp=1&bdt=685&idt=265&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280%2C880x280%2C280x600&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=2288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 353C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
expires: Sun, 19 Nov 2023 16:38:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1830 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffb2e53e7a7256811c6de14b9cc361018bb4d47d25b61dcdc48cfc660f50521b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16124081565616940943
tpc.googlesyndication.com/simgad/ Frame 149E 48 KB
48 KB 10ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16124081565616940943?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk6h3ltEalYbBmabzBmVDSVhclPXQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=6512142923&adk=2308485010&adf=1613454706&pi=t.ma~as.6512142923&w=280&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=280x600&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897731&bpp=1&bdt=685&idt=260&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280%2C880x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1db953909d1bea0861b7366e95ada14219a9f6b1b21c8d2ecb716c2cfcd7b1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:32:16 GMT
x-content-type-options: nosniff
age: 295563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48989
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:34:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 06:32:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 149E 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 149E 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 14:28:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 149E 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 149E 202 KB
64 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 149E 36 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 16:55:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A6E3 143 B
166 B 12ms
10ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=6512142923&adk=2308485010&adf=1613454706&pi=t.ma~as.6512142923&w=280&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=280x600&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897731&bpp=1&bdt=685&idt=260&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280%2C880x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=1198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1830
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce3Nh-jlaZZ_hCYGggQOw-r6wAuLqwoN07--w880S5br2sZEOEAEg_fzbKGCVqpSCoAegAfrWzasqyAECqAMByAPJBKoE0gFP0LcjC_LVvJl6EY7-OMlv2dakhrcRHIvXfFa_BJnSJXd27ew...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215063153138840218463%22,%22debug_reporting%22:true,%22destination%22:%22https://gamerara.com%22,%22event_report_window%22:...

0
0

198ms
42ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215063153138840218463%22,%22debug_reporting%22:true,%22destination%22:%22https://gamerara.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211365739386%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211168431122379367505%22}&andc=true

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15063153138840218463","debug_reporting":true,"destination":"https://gamerara.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11365739386"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"11168431122379367505"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Nov 2023 16:38:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Nov 2023 16:38:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15063153138840218463","debug_reporting":true,"destination":"https://gamerara.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11365739386"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"11168431122379367505"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 1459 39 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 80ms
43ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 19 Nov 2023 16:38:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 149E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 353ed707b64ca836fbe23aeda09b688ed47ee9c361a39655083b2618c4ebd6aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 149E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cny1F-jlaZcOpCe-Cs8IP3eGRMOLqwoN0l8Ky880SwI23ARABIP382yhglaqUgqAHoAH61s2rKsgBAqgDAcgDyQSqBM4BT9DQAVdDgTobw38IkXSj7AEGxLBsiuHGRKPDLDEVw84s58YvB8Q...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214151558123692139954%22,%22debug_reporting%22:true,%22destination%22:%22https://gamerara.com%22,%22event_report_window%22:...

0
0

42ms
42ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214151558123692139954%22,%22debug_reporting%22:true,%22destination%22:%22https://gamerara.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211365739386%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229877226351594309633%22}&andc=true

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14151558123692139954","debug_reporting":true,"destination":"https://gamerara.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11365739386"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"9877226351594309633"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Nov 2023 16:38:19 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Nov 2023 16:38:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14151558123692139954","debug_reporting":true,"destination":"https://gamerara.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11365739386"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"9877226351594309633"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A6E3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

25ms
24ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
expires: Sun, 19 Nov 2023 16:38:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 4199 39 KB
15 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8981 4 KB
730 B 449ms
423ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 15:47:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8981 2 KB
822 B 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 8981 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8981 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8981 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:48 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8981 202 KB
64 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 8981 37 KB
16 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:35:34 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11204956268903072700/ Frame 8981 53 KB
53 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11204956268903072700/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

190ed4c6b576588180cd6b887438a37c93f8d1b7fdd4a1cbb6312e2a0952932c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 13:26:55 GMT
x-content-type-options: nosniff
age: 443484
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54542
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 09:54:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Nov 2024 13:26:55 GMT

GET
H3 200 8219660570914929357
tpc.googlesyndication.com/simgad/ Frame 8981 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8219660570914929357?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0d9758fde236894f0080200ebc56306297438a841383de1a934097aa2967506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:50:47 GMT
x-content-type-options: nosniff
age: 157652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2823
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 09:49:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 20:50:47 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 19 Nov 2023 16:38:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8981 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363d3eda223317fc368b0643ea910270b09540591de60fdc0d2c5020c74a2465

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6b461e28398566c5400381c27546e3c6d5e6ea790d53afa6ac2c64148772ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55796
x-xss-protection: 0
server: cafe
etag: 1094707591277047806
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=alert%20text-center%20cookiealert%20py-2%20show&ign=false&pw=1600&ph=1200&x=0&y=1156

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 16:38:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=alert%20text-center%20cookiealert%20py-2%20show&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 16:38:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6874532692805061201
tpc.googlesyndication.com/simgad/ Frame A618 89 KB
89 KB 10ms
10ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6874532692805061201?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlZ1Dj8vEmcyeR81JxzwEUr2KcZSQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce9022f250479cce5946969a05d63abd0d825eb2ac3ee549aae41097939d4ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 10:10:15 GMT
x-content-type-options: nosniff
age: 196084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90826
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 02:03:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 10:10:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame A618 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A618 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A618 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:48 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A618 202 KB
64 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A618 36 KB
14 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 16:55:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E86 143 B
166 B 10ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 43ms
40ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4420332636058530&plah=ipa.tweakdoor.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ipa.tweakdoor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 639B 9 KB
4 KB 9ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Sat, 02 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame B5ED 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Sat, 02 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame CBC8 9 KB
4 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Sat, 02 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 5DA2 9 KB
4 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Sat, 02 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 639B 4 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 16:29:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 639B 205 B
521 B 8ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 234683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 639B 604 B
696 B 8ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:27:51 GMT
x-content-type-options: nosniff
age: 148228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 16 Nov 2024 23:27:51 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 639B 15 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 19:42:30 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 639B 21 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 17:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:53:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B5ED 14 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 16:34:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B5ED 2 KB
822 B 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame B5ED 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA25 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B5ED 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B5ED 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:48 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5ED 202 KB
64 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame B5ED 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:35:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CBC8 14 KB
1 KB 19ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 15:54:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CBC8 2 KB
822 B 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame CBC8 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3330 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CBC8 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CBC8 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:48 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBC8 202 KB
64 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame CBC8 37 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:35:34 GMT

GET
DATA 200
OK truncated
/ Frame A618 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaf3cbd3d33350561070e04bd4ab72ba12e3a34b1ef41333df7a20da3628dd1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 5DA2 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 09:24:48 GMT

GET
H3 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 5DA2 11 KB
5 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 08:31:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5DA2 14 KB
1 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 16:33:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5DA2 2 KB
822 B 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5DA2 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5DA2 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5DA2 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:48 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DA2 202 KB
64 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 5DA2 37 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:35:34 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E86
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
23ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
expires: Sun, 19 Nov 2023 16:38:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C4DA 14 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 15:43:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C4DA 2 KB
822 B 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C4DA 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD94 143 B
166 B 10ms
9ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C4DA 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 14:28:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C4DA 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:24:48 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4DA 202 KB
64 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 16:38:19 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame C4DA 37 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:35:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:35:34 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA25
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
17ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
expires: Sun, 19 Nov 2023 16:38:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3330
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
expires: Sun, 19 Nov 2023 16:38:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 487C 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8981 16 KB
16 KB 35ms
11ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:19:37 GMT
x-content-type-options: nosniff
age: 116322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 08:19:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8981 15 KB
16 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 97270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 13:37:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A618
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CjGae-jlaZe26CYf8gAObw5CICuLqwoN0odKgk68SwI23ARABIP382yhglaqUgqAHoAH61s2rKsgBAqgDAcgDyQSqBM4BT9Cfiez2hFWxsMvV20RkMy3WsV7Jh1h8dEqKtpNCpoRHzAV2DU1...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216494607154478111006%22,%22debug_reporting%22:true,%22destination%22:%22https://gamerara.com%22,%22event_report_window%22:...

0
0

42ms
42ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216494607154478111006%22,%22debug_reporting%22:true,%22destination%22:%22https://gamerara.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211365739386%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217664026876144831953%22}&andc=true

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16494607154478111006","debug_reporting":true,"destination":"https://gamerara.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11365739386"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"17664026876144831953"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Nov 2023 16:38:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Nov 2023 16:38:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16494607154478111006","debug_reporting":true,"destination":"https://gamerara.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11365739386"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"17664026876144831953"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8981
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Co5wL-jlaZdCGCYWggQOX8KHoDb-7rKN00LXiks0QvJ3pxssdEAEg_fzbKGCVqpSCoAegAZ6-oZgCyAEJqQImacesD1CyPqgDAcgDywSqBNIBT9D0_MTZ1ghqhljb45HRV3vUzGo3LoVnBS6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217479279657034790320%22,%22debug_reporting%22:true,%22destination%22:%22https://appsilla.club%22,%22event_report_window%22...

0
0

43ms
43ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217479279657034790320%22,%22debug_reporting%22:true,%22destination%22:%22https://appsilla.club%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22587751198%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221248946143407459633%22}&andc=true

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17479279657034790320","debug_reporting":true,"destination":"https://appsilla.club","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["587751198"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"1248946143407459633"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Nov 2023 16:38:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Nov 2023 16:38:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17479279657034790320","debug_reporting":true,"destination":"https://appsilla.club","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["587751198"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"1248946143407459633"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B35 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3157715409&adf=304262699&pi=t.ma~as.6512142923&w=880&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=880x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897730&bpp=1&bdt=684&idt=258&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1176x280&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD94
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

237ms
236ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:20 GMT
expires: Sun, 19 Nov 2023 16:38:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame BD20 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5DA2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CexRH-jlaZcDzCNmD7OsPvOy3qAHp0-GndL7ZmK6gEmQQASD9_NsoYJWqlIKgB6AB3fCqwCrIAQGoAwHIA8sEqgTrAU_Q89EUer_uFAceFOaGjzdmauPwiHa5TImwE9_8KoizQVICBXyB_Cf...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212583028892090528714%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:...

0
0

270ms
269ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212583028892090528714%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%224%22:[%2211-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222298263513410325393%22}&andc=true

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12583028892090528714","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"2298263513410325393"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Nov 2023 16:38:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Nov 2023 16:38:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12583028892090528714","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"4":["11-19"],"6":["true"]},"priority":"500","source_event_id":"2298263513410325393"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BB4 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8366 39 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=6512142923&adk=3300227350&adf=1839787983&pi=t.ma~as.6512142923&w=1176&fwrn=4&fwrnh=100&lmt=1700411897&rafmt=1&format=1176x280&url=https%3A%2F%2Fipa.tweakdoor.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700411897729&bpp=1&bdt=683&idt=253&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2640641370451&frm=20&pv=1&ga_vid=1408622481.1700411898&ga_sid=1700411898&ga_hid=1955911192&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=212&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078297%2C44806141%2C44807763%2C44808148%2C44808284%2C44809056%2C21065724&oid=2&pvsid=2981663808992659&tmod=432390897&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 487C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
23ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:20 GMT
expires: Sun, 19 Nov 2023 16:38:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 3061 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame CF97 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 00:36:09 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 19 Nov 2023 16:38:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 19 Nov 2023 16:38:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 19 Nov 2023 16:38:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1697922425.webp
ipa.tweakdoor.com/images/ 11 KB
11 KB 143ms
142ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922425.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ba43254ed88cd04f91c5516c33cca2da73334482c946422b824a96b7e4b268c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:07:05 GMT
server: LiteSpeed
etag: "2ad2-65343d79-acd9372d553c818b;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10962
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697922325.webp
ipa.tweakdoor.com/images/ 10 KB
11 KB 153ms
148ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922325.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cc4bae2c85554446757fde4d7f42dbbc060fe98ba60dd199d7249153dca2845d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:05:25 GMT
server: LiteSpeed
etag: "29d0-65343d15-a6da1ccf70ec3cd0;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10704
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697922249.webp
ipa.tweakdoor.com/images/ 12 KB
12 KB 168ms
163ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922249.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

22fc4b7389c75d9ee52016a1904f8dd2719af075047495fc8d3c9ee95af3d8ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:04:09 GMT
server: LiteSpeed
etag: "2e2a-65343cc9-301cb36009b6801c;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11818
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697922172.webp
ipa.tweakdoor.com/images/ 18 KB
19 KB 175ms
171ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922172.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5210d83cee58c57c98d09e6ca613bbceb13ef0f22956b5ba136b5d88df664fa5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:02:52 GMT
server: LiteSpeed
etag: "49b8-65343c7c-619e0d00bfa0cfd3;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 18872
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697922004.webp
ipa.tweakdoor.com/images/ 24 KB
24 KB 196ms
192ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922004.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a8ac7c1de2a2d0d20137cee2322fce33de8780f861044e14a1875189f8b26bdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:00:04 GMT
server: LiteSpeed
etag: "615e-65343bd4-55de751c8c086d82;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 24926
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697921892.webp
ipa.tweakdoor.com/images/ 27 KB
27 KB 224ms
219ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921892.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1f52c71a11c196a17a8842739fbfb78cf6d6d1c12f1e4871c6d96097461819b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:58:12 GMT
server: LiteSpeed
etag: "6c9e-65343b64-98b5f42a63a879c6;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27806
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697921805.webp
ipa.tweakdoor.com/images/ 10 KB
10 KB 256ms
252ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921805.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f5bd26a54dc63f0c95dad545a9f83817d6a0b693b44a0a3d5878ab20fecc8ecb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:56:45 GMT
server: LiteSpeed
etag: "2792-65343b0d-dac84073e9cfa7c4;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10130
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697921712.webp
ipa.tweakdoor.com/images/ 5 KB
5 KB 271ms
267ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921712.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f378a19180d199921a73c81f8ae698b4020ac463b6f9c5a743ea84b64d23878b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:55:12 GMT
server: LiteSpeed
etag: "1250-65343ab0-8bc1d58591080d14;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4688
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697921630.webp
ipa.tweakdoor.com/images/ 28 KB
28 KB 282ms
277ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921630.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

237313391fc3cb59cfa7f880dffc59571dfe4035dd0c853d37d1f88cd0bd0848

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:53:50 GMT
server: LiteSpeed
etag: "6e10-65343a5e-9b05b0ea885a1719;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 28176
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697921530.webp
ipa.tweakdoor.com/images/ 23 KB
24 KB 290ms
285ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921530.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f926ced785ba58c4cfad37d3b6de2fb80042fa389bf326a7c739e9875e3a53d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:52:10 GMT
server: LiteSpeed
etag: "5dda-653439fa-d29e0548f84ef626;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 24026
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697921430.webp
ipa.tweakdoor.com/images/ 28 KB
28 KB 290ms
286ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921430.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ca35820b3c92d22721e3acb19706b0f5ad131273afacd1b5435fe97940085951

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:50:30 GMT
server: LiteSpeed
etag: "6f74-65343996-747c257020bd25a6;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 28532
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697921346.webp
ipa.tweakdoor.com/images/ 14 KB
14 KB 307ms
303ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921346.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

abbf165260aa84383ad6207a7f24e79b9a736082831ac7056b4b2b0acf122a1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:49:06 GMT
server: LiteSpeed
etag: "3828-65343942-faed6c32ab125d7a;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 14376
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1696013710.webp
ipa.tweakdoor.com/images/ 20 KB
20 KB 310ms
306ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1696013710.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c761fc9a422de4b045b0a2935f62811507a8e7de06b8c83c2913f16524d785ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 29 Sep 2023 18:55:11 GMT
server: LiteSpeed
etag: "5124-65171d8f-984794d03a568e74;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 20772
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1695899430.webp
ipa.tweakdoor.com/images/ 4 KB
4 KB 269ms
264ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899430.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

65e1f09558e4b615af5373c4519870ca52461352eb97e4740a90f64c54837117

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:10:30 GMT
server: LiteSpeed
etag: "eca-65155f26-9075d1a98930560c;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3786
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1695899008.webp
ipa.tweakdoor.com/images/ 3 KB
3 KB 283ms
278ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899008.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8e55f8aebc90685ba49c48e4ec8049c8a290e64d064fc1a4e41e2fbb5e04c42f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:03:28 GMT
server: LiteSpeed
etag: "d58-65155d80-dc4ecc0d040c0e59;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3416
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697919223.webp
ipa.tweakdoor.com/images/ 31 KB
31 KB 312ms
307ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697919223.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cf98e2584f753130516897387fc65cc5c95dc8d24ce0aa2ccb8bb5c475db84c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:13:43 GMT
server: LiteSpeed
etag: "7d5c-653430f7-4c27c6dcddf335f5;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 32092
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1695899264.webp
ipa.tweakdoor.com/images/ 5 KB
5 KB 314ms
309ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899264.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ebc682faa6863c74add1a8f0e88bc7d0812f0fa993f91383e5cb60f63147483a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:07:44 GMT
server: LiteSpeed
etag: "1510-65155e80-5175f301c2ea2ff3;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5392
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1695899156.webp
ipa.tweakdoor.com/images/ 2 KB
3 KB 283ms
278ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899156.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

37499b0c7af24bc208a33a7f0e7863cc73edb603106874ba12629fd507d444ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:05:56 GMT
server: LiteSpeed
etag: "9ee-65155e14-2837f641e30a6743;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2542
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1697369810.webp
ipa.tweakdoor.com/images/ 14 KB
14 KB 327ms
323ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697369810.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

dec378e44f60be828988443acf97a55dc82e99c5bdfcdb16d733892ee47b634f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 15 Oct 2023 11:36:50 GMT
server: LiteSpeed
etag: "3770-652bced2-8b6a40c240d98351;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 14192
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1696417217.webp
ipa.tweakdoor.com/images/ 18 KB
18 KB 327ms
323ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1696417217.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

92fe55edf45823696a527a5dab31cb25c18583e3d25de5f01b0b88f70dd1d85a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 04 Oct 2023 11:00:17 GMT
server: LiteSpeed
etag: "48f4-651d45c1-1303084ec90488f;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 18676
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1695899698.webp
ipa.tweakdoor.com/images/ 4 KB
4 KB 329ms
325ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899698.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a004f3c0f270d0ae32f25bf7e3f2cd3e210867dc33040de7e5ab4224ef30e2fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:14:58 GMT
server: LiteSpeed
etag: "10de-65156032-b65ab791f6d33541;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4318
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1695903353.webp
ipa.tweakdoor.com/images/ 3 KB
3 KB 284ms
280ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695903353.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

851025a8032ed1ee94b80e2fcb2ad3fa67afca331a334e358906f1ec3bc4674b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 12:15:53 GMT
server: LiteSpeed
etag: "c6a-65156e79-a4e3548e5de27cbb;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3178
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 1695901943.webp
ipa.tweakdoor.com/images/ 1 KB
2 KB 286ms
282ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695901943.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bdf703f7e02d3d0bf51da488f013d41bde02ce6b2dc0a2ac76f3839fdd57c51d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:52:23 GMT
server: LiteSpeed
etag: "5fc-651568f7-4fe259a1b08143db;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1532
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
62ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32f55fff50294eac954da41038cb64be95b86582fa5b9a542f0dbfbe9cbb323c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12446
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Nov 2023 16:38:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C38 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 15:29:48 GMT
expires: Mon, 18 Nov 2024 15:29:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2BAD 829 B
559 B 18ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7a1f03a5b4683b8aec4e86a17848c3a1c1747615a79a7a8446bb2efcd79b6c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bjir4ZSeVFrADr2cS5Hqrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ipa.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Bjir4ZSeVFrADr2cS5Hqrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 16:38:20 GMT
expires: Sun, 19 Nov 2023 16:38:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C38 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 11:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Nov 2024 11:14:51 GMT

GET
H3 200 1697922425.webp
ipa.tweakdoor.com/images/ 11 KB
11 KB 143ms
143ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922425.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ba43254ed88cd04f91c5516c33cca2da73334482c946422b824a96b7e4b268c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:07:05 GMT
server: LiteSpeed
etag: "2ad2-65343d79-acd9372d553c818b;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10962
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2BAD 0
0 41ms
41ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2981663808992659&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 1697922249.webp
ipa.tweakdoor.com/images/ 12 KB
12 KB 142ms
142ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922249.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

22fc4b7389c75d9ee52016a1904f8dd2719af075047495fc8d3c9ee95af3d8ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:04:09 GMT
server: LiteSpeed
etag: "2e2a-65343cc9-301cb36009b6801c;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11818
expires: Sun, 26 Nov 2023 16:38:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A618 42 B
64 B 125ms
124ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7qRw8xVq_LwU8_kkh4kk4UXNpFt2cnS7guZqn8C3UHJ3lDt3kAU302VzgXwwhsBZz4s6_eDQip2krBISXgNNYnecGPQtClZJVUS10KfdPOq53tQFLNEp3SV5HZKbvIYqAD5hkt_gQH2XL&sai=AMfl-YSjPCGPFF1kXUVhjkscVU0SxLEZZhVcw5LIRcBu8IhU6hojO3SzD8pn3ubgnaxknERMVgxnnSSr7LYdZ1kO_db_-qgwd5dclEEoDQbrnaQfjgtiaBrzhciV6j5aYdF_dTQDYWAardUrPVnCb2QpTA&sig=Cg0ArKJSzIExk-tm7aesEAE&cid=CAQSTwDICaaNRp3m4QOOAdIJLT8JrEWLiUr_j8Ju65ZOxwcVTPaoPZ84d2C6BZdZMtCB-MK8nUrV06DgtjysyFfbocbp91ozRLtPd0QgMJl3FfgYAQ&id=lidar2&mcvt=1000&p=0,0,227,880&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3157715409&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700411897991&rpt=1898&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 16:38:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0C38 0
11 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-ARUWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 1697922004.webp
ipa.tweakdoor.com/images/ 24 KB
24 KB 141ms
141ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922004.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a8ac7c1de2a2d0d20137cee2322fce33de8780f861044e14a1875189f8b26bdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:00:04 GMT
server: LiteSpeed
etag: "615e-65343bd4-55de751c8c086d82;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 24926
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697921892.webp
ipa.tweakdoor.com/images/ 27 KB
27 KB 146ms
146ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921892.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1f52c71a11c196a17a8842739fbfb78cf6d6d1c12f1e4871c6d96097461819b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:58:12 GMT
server: LiteSpeed
etag: "6c9e-65343b64-98b5f42a63a879c6;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 27806
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697922325.webp
ipa.tweakdoor.com/images/ 10 KB
11 KB 153ms
152ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922325.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cc4bae2c85554446757fde4d7f42dbbc060fe98ba60dd199d7249153dca2845d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:05:25 GMT
server: LiteSpeed
etag: "29d0-65343d15-a6da1ccf70ec3cd0;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10704
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1695899430.webp
ipa.tweakdoor.com/images/ 4 KB
4 KB 199ms
198ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899430.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

65e1f09558e4b615af5373c4519870ca52461352eb97e4740a90f64c54837117

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:10:30 GMT
server: LiteSpeed
etag: "eca-65155f26-9075d1a98930560c;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3786
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697921805.webp
ipa.tweakdoor.com/images/ 10 KB
10 KB 144ms
144ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921805.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f5bd26a54dc63f0c95dad545a9f83817d6a0b693b44a0a3d5878ab20fecc8ecb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:56:45 GMT
server: LiteSpeed
etag: "2792-65343b0d-dac84073e9cfa7c4;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10130
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1695901943.webp
ipa.tweakdoor.com/images/ 1 KB
2 KB 158ms
158ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695901943.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bdf703f7e02d3d0bf51da488f013d41bde02ce6b2dc0a2ac76f3839fdd57c51d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:52:23 GMT
server: LiteSpeed
etag: "5fc-651568f7-4fe259a1b08143db;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1532
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697922172.webp
ipa.tweakdoor.com/images/ 18 KB
19 KB 140ms
140ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697922172.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5210d83cee58c57c98d09e6ca613bbceb13ef0f22956b5ba136b5d88df664fa5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 21:02:52 GMT
server: LiteSpeed
etag: "49b8-65343c7c-619e0d00bfa0cfd3;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 18872
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8981 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCdKTVfrRFarLlStCqVwO0BSZVmedQoIrt_RfbOiLfDVTo7unHHZd_2YbMUikpw8WKUZ3u8-SYifsVcOhxbZEOW__RZArhZChmSs18nRu8W4VUjLh3JbOjsNVmeZlRg3C0nrAGA8p0o0ZT&sai=AMfl-YTlFJwU_GvR5wqhSgx5rB0jy-p8WipltneRZSHQmI8L57rx_zmCNT9c_q4jIoBB5A8PuEWOAQl2OrXUmgIqKdjEV2jP3cT9WHRpqlewHPMmdWV0CE9x3XHOr0VLLQRDIZEdGgtOLySoI_UQ-og1&sig=Cg0ArKJSzMIpvgH94_oqEAE&cid=CAQSTgDICaaNshGVoOcjEbjNIBj1czbyhOwx8JRszV4HV6yQwRZD4eTx288xpK5OOVWtY3zXTCNBVgc8b6O_iwG9i178ykQaWmUWNIVJ2mp_BBgB&id=lidar2&mcvt=1001&p=0,0,280,1176&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3300227350&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700411897987&rpt=2068&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 16:38:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1695899008.webp
ipa.tweakdoor.com/images/ 3 KB
3 KB 146ms
146ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899008.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8e55f8aebc90685ba49c48e4ec8049c8a290e64d064fc1a4e41e2fbb5e04c42f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:03:28 GMT
server: LiteSpeed
etag: "d58-65155d80-dc4ecc0d040c0e59;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3416
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1695899156.webp
ipa.tweakdoor.com/images/ 2 KB
3 KB 146ms
146ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899156.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

37499b0c7af24bc208a33a7f0e7863cc73edb603106874ba12629fd507d444ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:05:56 GMT
server: LiteSpeed
etag: "9ee-65155e14-2837f641e30a6743;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2542
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1695903353.webp
ipa.tweakdoor.com/images/ 3 KB
3 KB 141ms
140ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695903353.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

851025a8032ed1ee94b80e2fcb2ad3fa67afca331a334e358906f1ec3bc4674b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 12:15:53 GMT
server: LiteSpeed
etag: "c6a-65156e79-a4e3548e5de27cbb;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3178
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1695899264.webp
ipa.tweakdoor.com/images/ 5 KB
5 KB 141ms
140ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899264.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ebc682faa6863c74add1a8f0e88bc7d0812f0fa993f91383e5cb60f63147483a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:07:44 GMT
server: LiteSpeed
etag: "1510-65155e80-5175f301c2ea2ff3;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5392
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1695899698.webp
ipa.tweakdoor.com/images/ 4 KB
4 KB 140ms
140ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1695899698.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a004f3c0f270d0ae32f25bf7e3f2cd3e210867dc33040de7e5ab4224ef30e2fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 28 Sep 2023 11:14:58 GMT
server: LiteSpeed
etag: "10de-65156032-b65ab791f6d33541;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4318
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697921712.webp
ipa.tweakdoor.com/images/ 5 KB
5 KB 141ms
140ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921712.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f378a19180d199921a73c81f8ae698b4020ac463b6f9c5a743ea84b64d23878b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:55:12 GMT
server: LiteSpeed
etag: "1250-65343ab0-8bc1d58591080d14;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4688
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1696417217.webp
ipa.tweakdoor.com/images/ 18 KB
18 KB 141ms
140ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1696417217.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

92fe55edf45823696a527a5dab31cb25c18583e3d25de5f01b0b88f70dd1d85a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 04 Oct 2023 11:00:17 GMT
server: LiteSpeed
etag: "48f4-651d45c1-1303084ec90488f;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 18676
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697369810.webp
ipa.tweakdoor.com/images/ 14 KB
14 KB 145ms
144ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697369810.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

dec378e44f60be828988443acf97a55dc82e99c5bdfcdb16d733892ee47b634f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 15 Oct 2023 11:36:50 GMT
server: LiteSpeed
etag: "3770-652bced2-8b6a40c240d98351;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 14192
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697921346.webp
ipa.tweakdoor.com/images/ 14 KB
14 KB 142ms
141ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921346.webp

Requested by

Host: ipa.tweakdoor.com
URL: https://ipa.tweakdoor.com/js/jquery-3.6.1.min.js?2.1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

abbf165260aa84383ad6207a7f24e79b9a736082831ac7056b4b2b0acf122a1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:49:06 GMT
server: LiteSpeed
etag: "3828-65343942-faed6c32ab125d7a;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 14376
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697921430.webp
ipa.tweakdoor.com/images/ 28 KB
28 KB 143ms
143ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921430.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ca35820b3c92d22721e3acb19706b0f5ad131273afacd1b5435fe97940085951

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:50:30 GMT
server: LiteSpeed
etag: "6f74-65343996-747c257020bd25a6;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 28532
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697921530.webp
ipa.tweakdoor.com/images/ 23 KB
24 KB 141ms
141ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921530.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f926ced785ba58c4cfad37d3b6de2fb80042fa389bf326a7c739e9875e3a53d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:52:10 GMT
server: LiteSpeed
etag: "5dda-653439fa-d29e0548f84ef626;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 24026
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1696013710.webp
ipa.tweakdoor.com/images/ 20 KB
20 KB 148ms
148ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1696013710.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c761fc9a422de4b045b0a2935f62811507a8e7de06b8c83c2913f16524d785ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 29 Sep 2023 18:55:11 GMT
server: LiteSpeed
etag: "5124-65171d8f-984794d03a568e74;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 20772
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697919223.webp
ipa.tweakdoor.com/images/ 31 KB
31 KB 148ms
147ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697919223.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cf98e2584f753130516897387fc65cc5c95dc8d24ce0aa2ccb8bb5c475db84c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:13:43 GMT
server: LiteSpeed
etag: "7d5c-653430f7-4c27c6dcddf335f5;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 32092
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 200 1697921630.webp
ipa.tweakdoor.com/images/ 28 KB
28 KB 155ms
154ms Image
image/webp 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ipa.tweakdoor.com/images/1697921630.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

237313391fc3cb59cfa7f880dffc59571dfe4035dd0c853d37d1f88cd0bd0848

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 16:38:21 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 20:53:50 GMT
server: LiteSpeed
etag: "6e10-65343a5e-9b05b0ea885a1719;;;"
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 28176
expires: Sun, 26 Nov 2023 16:38:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2981663808992659&bg=!fH-lfzDNAAZxrfrxUa07ADQBe5WfOGuBg4ZJV64E13qnW4GsX9M5inX6Lj0za4TAJA0jH6VIx8jHrl0PLlDtfYdN20S4AgAAAExSAAAAAmgBBwoAk00QVOb7uhfH9hPwBViIYuyV0ovpncH1PzaDalngoUr3FpAM4f5g000-swLzdb7Ms2KevyKk10SVJaP3lk6LqnPTv5TrdhiUSiZek5rknyGXsBIBK0U6gEFBbliyPoJqqTVTOCR9luMIsRPCpjXwk3dCYSvGd3_hUNurUml4Pj95doU7maUMFPjc10BNlx8Kx7HudpkCv6YBrA-ddLW4PVY0LgwsBk9_wjclR1VAUT116ejPmS75gNP2ipskApmDTHKB8XSe_6xBcDeTES4tFxKLrUQEtV998lfMhusY0OfLFUVLi70zAquA-I_hTF3ZCH1Q089RREJutR8BUvG0gKrdlZA1zgulP_UhaGr85AKtYVZdGWGZKXO2vMaDi-CwCfieAukcwb70McXrvheYu1fbmowst2Ytu9Bkuu5or7lo0pp0Q5JftSqA_Z1L8Xr0wFY3VZbKSYvvO8oSginp_ZN5H_UjAU30-SrYhhaAWOzSiMD3ncfSxoG-WwPPECdqDwE9_JRGsqzT1aXjKgSylvnS42-F_rdZtdy7-gdASQSYaMPUNegk2abrkuzxKvSTJOVt8LPxJ1cbem9NgRo-dGnIULk1JUDRuEfxIDUu7ihpjfbD3HNTJtMCU-B4FXe_fUdN0ECRTX8MjhS7XEXiAH0YVF3KOTvHY8xNYFfW5wTtnKKSwnSvN3OHWGh28aUgrH34fSdnYpSVNah6TJGFpj1Mw6CyPLwa34U5eW59Phefom3csoqMFFdka2EE6yesBa5QfqcvGoL3TwNm_UwytCX2N07D-9XfRMBoI2pRRTFJK0MpDT53IDz-qKF-EmQImkzxo8Pbatb33361ioeoVZK6jRpDE4jFe09OKaOmhnQYpBWPN4yPXXs37MX4xLzUiC9DKoqg9oyX6RMXHDE9YlvAdO5z8wN4g5YiVfRDsoPw-DoD2pSIM6XrL_B14s_sFYfqBGNMQgsnfl26Veq9CCbW2JWj5vgvjW6h32TNWPvTMnatqPvuQP6bzWx3BGyU-RPRbJIT7VdJBXYB8fo9vrXEba9roHO6owsg0zthotdZ6kUwb3VQOByEPawXEyTR37GMKOoHdpdPoqmp7KkKFIwzoDgBwL6wm7oriIqSQ-TTnZcUzXY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipa.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ipa.tweakdoor.com/	1970-01-20 16:20:19	Name: XSRF-TOKEN Value: eyJpdiI6IjVNV0VMS2FXSmp2R3NjZzBmZnowb0E9PSIsInZhbHVlIjoicHZUeGxzVE0xMWVodDByeXJvZVllYzdOeFQxa1E4Q0cwRnRUelk3cmh6MDUxdDdtR0lYZkhqWFhnZW5ManUxSHpmb1JaWGNFU09QaVFnSkhYTTluOW9BMG9jNXRZb0VrWnJuSE5EcFpPQUVzSkZIY0tsM0d0enZ3OUpSMXI4NDQiLCJtYWMiOiIxYTJlNjAxODVkYjUyMDU3NzgwYmIwMDJjNjJjMGI0MTliNjMyNzQ4NWY5NDk5YzQ1NjYxMWYyZWJkYWVlYmI0IiwidGFnIjoiIn0%3D
ipa.tweakdoor.com/	1970-01-20 16:20:19	Name: app_portal_session Value: eyJpdiI6IitMRGxHNVFMTGM0dVhaaCtsYlAzdVE9PSIsInZhbHVlIjoiaXpPVWVHTlBhZnVOU0MvUWMxSlV2NzBTTXhLS0p2VTBPb0dLQ1JGYlRNNU0wczVBLzM3RVpaaFR2TFNUc3VkVWp4Z1plVFppNVdjUzdOZWRwWENhSUFMckY0QnBJMG1Hell3cFJ2aGE3ZUtCM0laYWVqd2Rnd3AzMEhNeVFlNjciLCJtYWMiOiIxMzU5NzQ1MmQ1MTJkYWFkYWYyNjBjNWZmNGZlMGIyNGI1MWE0ZmUwZWYwNjA4NmM0NTEzYWQ4NDVhOTc5MjMwIiwidGFnIjoiIn0%3D
.tweakdoor.com/	1970-01-21 01:41:47	Name: __gads Value: ID=60b91c2da29827c4:T=1700411898:RT=1700411898:S=ALNI_MbjwTPMTQaVupHbV0nfacrxeXu_jg
.tweakdoor.com/	1970-01-21 01:41:47	Name: __gpi Value: UID=00000cddbc88e4b7:T=1700411898:RT=1700411898:S=ALNI_MYlG1zse6TkkZs_c-ObamX4_kKN8w
.doubleclick.net/	1970-01-20 16:20:15	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:41:47	Name: IDE Value: AHWqTUm5kwjTN2HlxWiXZ9Ah6wr6V7X43dUff10IXEdewvSTdOk3oSQ1UBek_bjyZFs
.doubleclick.net/	1970-01-20 16:20:12	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 18:29:47	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipa.tweakdoor.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
216.58.212.130
2a00:1450:4001:800::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a02:4780:b:653:0:31a8:9fcf:2
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
128535ea5fb3b801c2f81aeb7e29b5fd5e83063387c404f8f4c822625452fb7d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185dec3874616d86c743f40ae6aff4a13640cd7dbea31ff026c1d2872bcd843b
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
190ed4c6b576588180cd6b887438a37c93f8d1b7fdd4a1cbb6312e2a0952932c
1d55468d9492599129405adc78ef898282c6b51708d20a545140f4a18e6edd23
1db953909d1bea0861b7366e95ada14219a9f6b1b21c8d2ecb716c2cfcd7b1cd
1f52c71a11c196a17a8842739fbfb78cf6d6d1c12f1e4871c6d96097461819b1
21c0dfdd59c8cce83daccd7b9442306a474a26512a5ba6327fa6e2586d12422f
22fc4b7389c75d9ee52016a1904f8dd2719af075047495fc8d3c9ee95af3d8ab
237313391fc3cb59cfa7f880dffc59571dfe4035dd0c853d37d1f88cd0bd0848
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
264b020a4040e9cb6b275e143e47d2fb49e6513b42849617582c3bfdac00750d
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32f55fff50294eac954da41038cb64be95b86582fa5b9a542f0dbfbe9cbb323c
353ed707b64ca836fbe23aeda09b688ed47ee9c361a39655083b2618c4ebd6aa
363d3eda223317fc368b0643ea910270b09540591de60fdc0d2c5020c74a2465
37499b0c7af24bc208a33a7f0e7863cc73edb603106874ba12629fd507d444ad
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e1b2e4e13236b86639b0a147a6d427dfb2f5133e7ff30d504a7b55c99c7c9b9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5210d83cee58c57c98d09e6ca613bbceb13ef0f22956b5ba136b5d88df664fa5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d615e73b54d44e013c1c2fe0b9d4782bccb2120f4a5bd46a08dbf18b16dbc15
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623a95a16385067fbfc665978493f51d9ec6321f59d5b7cb680e40d2bc50c500
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
65e1f09558e4b615af5373c4519870ca52461352eb97e4740a90f64c54837117
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
851025a8032ed1ee94b80e2fcb2ad3fa67afca331a334e358906f1ec3bc4674b
8e55f8aebc90685ba49c48e4ec8049c8a290e64d064fc1a4e41e2fbb5e04c42f
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
92fe55edf45823696a527a5dab31cb25c18583e3d25de5f01b0b88f70dd1d85a
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
98222a0a01a9fa39ae88596af06ed4256cdea294ef74dcc687d7e415c3d0ad66
9f5eda1a4065a14ba7dd3f825b7c62421a37b920a2f1ed099f77c147772d7158
a004f3c0f270d0ae32f25bf7e3f2cd3e210867dc33040de7e5ab4224ef30e2fb
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a8ac7c1de2a2d0d20137cee2322fce33de8780f861044e14a1875189f8b26bdc
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab9426bbfd8ea6a00891d85c6b7e28547d232914db9479d55db8b874ca5c311b
abbf165260aa84383ad6207a7f24e79b9a736082831ac7056b4b2b0acf122a1a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b5c1a679368da537e7b0f6880801ab32fe84b38b900acdbc1fdbe8cd6a86c4c8
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
ba43254ed88cd04f91c5516c33cca2da73334482c946422b824a96b7e4b268c0
bdf703f7e02d3d0bf51da488f013d41bde02ce6b2dc0a2ac76f3839fdd57c51d
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c0d9758fde236894f0080200ebc56306297438a841383de1a934097aa2967506
c6b461e28398566c5400381c27546e3c6d5e6ea790d53afa6ac2c64148772ac9
c759a15390ed6d6d6bfa2542be22475b823e63dc2f8e7de8f458a53061fe7adf
c761fc9a422de4b045b0a2935f62811507a8e7de06b8c83c2913f16524d785ce
ca35820b3c92d22721e3acb19706b0f5ad131273afacd1b5435fe97940085951
cc4bae2c85554446757fde4d7f42dbbc060fe98ba60dd199d7249153dca2845d
ce9022f250479cce5946969a05d63abd0d825eb2ac3ee549aae41097939d4ec2
cf98e2584f753130516897387fc65cc5c95dc8d24ce0aa2ccb8bb5c475db84c8
cfc507f5b3af678bad83d42bdc9b614dc323f720e36ab7d87209bc917dfd3951
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d7a1f03a5b4683b8aec4e86a17848c3a1c1747615a79a7a8446bb2efcd79b6c7
dec378e44f60be828988443acf97a55dc82e99c5bdfcdb16d733892ee47b634f
e0155bfcc40d7732affece19b0225b8bfc41e4c94e7cd3555f88e23ffc9429e7
e0ca82385f4786d495e701a38ce30d252c1a8bee6b39e481b053bb8d8ba4c8ec
e0cd67d08c676268ad43edac4ed3be4d9986f1b2027cec186d388ae94b7ab458
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5db71b4c3ecbaa2a634d0d638c1bd3aa61f7e5884d3d1466f030a4f181cd563
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eaf3cbd3d33350561070e04bd4ab72ba12e3a34b1ef41333df7a20da3628dd1a
ebc682faa6863c74add1a8f0e88bc7d0812f0fa993f91383e5cb60f63147483a
eee417ee99f1a73567d08d79d1e0d901cce908bec497cb0fc382cd3c2b49ce14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efac6fec2ba437b6a906e249fad9de3c7d3c105a48136b0155376b5989c4d76a
f378a19180d199921a73c81f8ae698b4020ac463b6f9c5a743ea84b64d23878b
f5bd26a54dc63f0c95dad545a9f83817d6a0b693b44a0a3d5878ab20fecc8ecb
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f926ced785ba58c4cfad37d3b6de2fb80042fa389bf326a7c739e9875e3a53d8
ffb2e53e7a7256811c6de14b9cc361018bb4d47d25b61dcdc48cfc660f50521b

ipa.tweakdoor.com Open in urlscan Pro 2a02:4780:b:653:0:31a8:9fcf:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

187 Requests

97 %HTTPS

90 %IPv6

8 Domains

10 Subdomains

11 IPs

2 Countries

2655 kBTransfer

6508 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ipa.tweakdoor.com Open in urlscan Pro
2a02:4780:b:653:0:31a8:9fcf:2 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

97 %
HTTPS

90 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

2655 kB
Transfer

6508 kB
Size

8
Cookies

187 HTTP transactions
4 data transactions