app.tweakdoor.com Open in urlscan Pro
2a02:4780:b:653:0:31a8:9fcf:2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.tweakdoor.com/
Effective URL:
https://app.tweakdoor.com/
Submission: On October 21 via api (October 21st 2023, 5:59:14 pm UTC) from US — Scanned from DE

Summary HTTP 268 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 35 domains to perform 268 HTTP transactions. The main IP is 2a02:4780:b:653:0:31a8:9fcf:2, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is app.tweakdoor.com.
TLS certificate: Issued by R3 on September 23rd 2023. Valid for: 3 months.

This is the only time app.tweakdoor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	2a02:4780:b:6... 2a02:4780:b:653:0:31a8:9fcf:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
39	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
12	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 23	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 1	2606:4700:20:... 2606:4700:20::6819:ea35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:505c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2606:4700:20:... 2606:4700:20::681a:931	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.239.94.84 18.239.94.84	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14c7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 36	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:480... 2a02:26f0:480:15::213:7e52	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7 14	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 7	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
14	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2607:f8b0:400... 2607:f8b0:4003:c13::5e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
5	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.36.54 104.18.36.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2.18.96.37 2.18.96.37	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1 2	52.215.161.107 52.215.161.107	16509 (AMAZON-02) (AMAZON-02)
1 2	23.215.22.232 23.215.22.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.11.61.157 3.11.61.157	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	52.50.230.234 52.50.230.234	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:cc00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f18:1ac... 2600:1f18:1aca:4281:e6fa:3600:606c:fea	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:780... 2a02:26f0:780::210:a408	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	18.158.97.142 18.158.97.142	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:baeb:931e:26a0:842	16509 (AMAZON-02) (AMAZON-02)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
268	55

25 2a02:4780:b:653:0:31a8:9fcf:2 (Phoenix, United States) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

app.tweakdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tweakdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

glimtors.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:ea35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:505c (United States)

ASN13335 (CLOUDFLARENET, US)

tweak-box.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:931 (United States)

ASN13335 (CLOUDFLARENET, US)

freelogopng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.94.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-84.ams1.r.cloudfront.net

c8.alamy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14c7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-icons-png.flaticon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:15::213:7e52 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.26.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.85 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4003:c13::5e (Tulsa, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.54 (None, )

ASN13335 (CLOUDFLARENET, US)

vast.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-video-eu.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.96.37 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-37.deploy.static.akamaitechnologies.com

secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.161.107 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-161-107.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.215.22.232 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-232.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.11.61.157 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-61-157.eu-west-2.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.230.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-230-234.eu-west-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9111 (United States)

ASN13335 (CLOUDFLARENET, US)

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:cc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4281:e6fa:3600:606c:fea (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a408 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.97.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-97-142.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:baeb:931e:26a0:842 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 349	1 MB
44	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 bid.g.doubleclick.net — Cisco Umbrella Rank: 1020 ad.doubleclick.net — Cisco Umbrella Rank: 173 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	283 KB
25	tweakdoor.com 1 redirects app.tweakdoor.com tweakdoor.com	1 MB
23	criteo.net static.criteo.net — Cisco Umbrella Rank: 728 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717 csm.eu.criteo.net — Cisco Umbrella Rank: 9249	295 KB
15	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	104 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1153 static.adsafeprotected.com — Cisco Umbrella Rank: 720 dt.adsafeprotected.com — Cisco Umbrella Rank: 658	101 KB
12	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 541 vast.doubleverify.com — Cisco Umbrella Rank: 2133 rtb0.doubleverify.com — Cisco Umbrella Rank: 941 tpsc-video-eu.doubleverify.com — Cisco Umbrella Rank: 13266 vtrk.doubleverify.com — Cisco Umbrella Rank: 1637 tps.doubleverify.com — Cisco Umbrella Rank: 562 tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 11169	131 KB
12	glimtors.net glimtors.net — Cisco Umbrella Rank: 472833	60 KB
8	flashtalking.com 1 redirects secure.flashtalking.com — Cisco Umbrella Rank: 2734 cdn.flashtalking.com — Cisco Umbrella Rank: 1384 servedby.flashtalking.com — Cisco Umbrella Rank: 1143 ad-events.flashtalking.com — Cisco Umbrella Rank: 2244 d9.flashtalking.com — Cisco Umbrella Rank: 2029	44 MB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	386 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	4 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49 imasdk.googleapis.com — Cisco Umbrella Rank: 498	167 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	5 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9209 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15658	91 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	311 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	815 B
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	602 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1584	450 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	309 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	715 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	146 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8325	553 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	149 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 952	717 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	545 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1858	63 KB
1	flaticon.com cdn-icons-png.flaticon.com — Cisco Umbrella Rank: 42047	8 KB
1	alamy.com c8.alamy.com — Cisco Umbrella Rank: 22699	125 KB
1	freelogopng.com freelogopng.com	274 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3099	72 KB
1	tweak-box.com tweak-box.com	26 KB
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 110108	164 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9763	545 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	91 KB
268	35

	Domain	Requested by
39	pagead2.googlesyndication.com	app.tweakdoor.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
36	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net app.tweakdoor.com tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
23	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com app.tweakdoor.com googleads.g.doubleclick.net
16	app.tweakdoor.com	1 redirects app.tweakdoor.com
14	static.criteo.net	ads.eu.criteo.com
14	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
12	glimtors.net	app.tweakdoor.com glimtors.net
9	dt.adsafeprotected.com	googleads.g.doubleclick.net
9	tweakdoor.com	app.tweakdoor.com
8	www.googletagservices.com	app.tweakdoor.com googleads.g.doubleclick.net cdn.doubleverify.com www.googletagservices.com
7	csi.gstatic.com	imasdk.googleapis.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	s0.2mdn.net	googleads.g.doubleclick.net app.tweakdoor.com s0.2mdn.net
5	googleads4.g.doubleclick.net	ad.doubleclick.net app.tweakdoor.com
5	imageproxy.eu.criteo.net	ads.eu.criteo.com
4	csm.eu.criteo.net	ads.eu.criteo.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdn.doubleverify.com	app.tweakdoor.com cdn.doubleverify.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	tpsc-video-eu.doubleverify.com	app.tweakdoor.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googleadservices.com	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	ade.googlesyndication.com	app.tweakdoor.com
2	ad-events.flashtalking.com	app.tweakdoor.com
2	servedby.flashtalking.com	1 redirects app.tweakdoor.com
2	fw.adsafeprotected.com	1 redirects app.tweakdoor.com
2	cdn.flashtalking.com	app.tweakdoor.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
1	tpsc-ew1.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	code.createjs.com	s0.2mdn.net
1	vtrk.doubleverify.com	app.tweakdoor.com
1	d9.flashtalking.com	app.tweakdoor.com
1	ad.doubleclick.net	www.googletagservices.com
1	secure.flashtalking.com	app.tweakdoor.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	vast.doubleverify.com	imasdk.googleapis.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	ajax.googleapis.com	app.tweakdoor.com
1	cdn-icons-png.flaticon.com	app.tweakdoor.com
1	c8.alamy.com	app.tweakdoor.com
1	freelogopng.com	app.tweakdoor.com
1	upload.wikimedia.org	app.tweakdoor.com
1	tweak-box.com	app.tweakdoor.com
1	is.gd	1 redirects
1	my.rtmark.net	app.tweakdoor.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	app.tweakdoor.com
1	www.googletagmanager.com	app.tweakdoor.com
268	64

This site contains links to these domains. Also see Links.

Domain
tweakdoor.com

Subject Issuer	Validity	Valid
app.tweakdoor.com R3	`2023-09-23` - `2023-12-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
glimtors.net R3	`2023-09-02` - `2023-12-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
tweakdoor.com ZeroSSL RSA Domain Secure Site CA	`2023-09-23` - `2023-12-22`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-27` - `2023-11-17`	a year	crt.sh
freelogopng.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.alamy.it Amazon RSA 2048 M02	`2023-02-22` - `2024-01-19`	a year	crt.sh
*.flaticon.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
vast.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-06-11` - `2024-07-12`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
vtrk.doubleverify.com E1	`2023-09-11` - `2023-12-10`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://app.tweakdoor.com/
Frame ID: 03439029203972D720C944A2508FFB29
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html
Frame ID: 391C5EA42A1332FB62C7ADC73AFDB15F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&adk=1812271804&adf=3025194257&lmt=1697862016&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fapp.tweakdoor.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911143502&bpp=4&bdt=255&idt=300&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7042892384599&frm=20&pv=2&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=326
Frame ID: DC9FB115B0E6ACCC7048B5067DF7EBEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
Frame ID: 7C03E3A631CD0C6C291F71EB55BFE6F6
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=925113182&adf=189457609&pi=t.ma~as.2168616157&w=728&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=728x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144422&bpp=7&bdt=1174&idt=7&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Rcwr77aTq1&p=https%3A//app.tweakdoor.com&dtd=10
Frame ID: 473CE7180F85EDDEF1C682A8F1614C09
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=3365500179&adk=1522550357&adf=1154629289&pi=t.ma~as.3365500179&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144441&bpp=5&bdt=1193&idt=5&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Kwt27huu6k&p=https%3A//app.tweakdoor.com&dtd=8
Frame ID: AE02B1D2AB08ED98B647F999C189EE8E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=3967338117&adf=2136182353&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144457&bpp=3&bdt=1209&idt=3&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9OCzdAVM5J&p=https%3A//app.tweakdoor.com&dtd=6
Frame ID: 6BBED590F230428B40F30A852E197CAD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Frame ID: DFFFA7453E93835EAEA5CB2E38243943
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Frame ID: 34ED4FFC8323B84CB539B80906DF6CAD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY4MCHvQEwAQ&v=APEucNWbZDDMZFcH6wZ0PaBcXuClJLRtcoFw6O0bEtVpNPojNFz85XifRAo0Tzbwnc5lXCmOygEr_dEriUgjfiZLjcSJdonPzabH4RodwOXs_E3mmqHlr-e_o_M4I5_Jq9zLWHVk9EAKU-7P-bUnoTej7aNPYYVh2PoZqKsG8eHyrT5VAmSAtI8
Frame ID: 7978DEC0FA65B513876DDAAEBC6B459A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9A5FCC17FEBE74201AD49A5FD703F1AF
Requests: 22 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTQRaAAIhoEGrS4WAAoL3zOyc6h4SCIeR87j-g&u=%7CSHWe8o%2B3t3l3QDaEFyO5wcmYArc3lK33J55%2FU7TsKV0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFV7V8__Or_Hq7YrUcrGQm3G8VawK9pcMFJRfkwX4Dbg4gky-g1kXhABx2X4aXEhK1x2-QOGzkaIwAI09ujDGP-mOFZURJEHv9X4QIQnJq23vcLOPs9fJB65B9zSuynUxffOheoYxcdjULKRPAL8mWgaD9yczNo7BxIKg3jd-jCZ3MFLbH3qYl3oqNqISDY0xc9EE-8HZ3mnrFoWyL2tiNZsoXIQibMVJK8NKvV9vCeI5g7RbubnyBbE4oofCE_qvl8OKDReFyMAXezhAILV3_7D1XXDJv3uAIaUBLSeVt5-HFJ34j-CO6F9c8OZsP_Bsns8NNFJToyHN7Qbs9MKi-TuxU9cJhhYgagpCPu1vdlKTSq2iae4giVJWWlaNjXimBW8N38h9900TJl0IbRzd_FKAFoB9U1Yv4BcE_4d4GN09M7XkA6q51yd4EoJv_823UL8sHcERjBVatlAG0cf5WMo38OpXjNvZmL3f_gFRwtQ973MflaolwO34Hpki6AoCXE3pT1mOeyH-hHvn87f5oOhimzP2LdW7eQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvhJCaBE0ZYGNIpbctOUP35eo4AHJntKxXPXalvdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTQ0MjAzMzI2MzYwNTg1MzDIAQmpAtCPQEo8xrE-qAMByAMCqgTJAU_Q4h-qhSqEQCVB7H8IVQXc66BZ5IQZdZAeK5Z1N6PqA4RvZVGlvRKKj1Rc4B3UkESd7Uh0vr_n5Yd761VWfCi6F8Pyi5b8jaxB2bkMatk-BIS-Z-K3dn-SGZJOCp8uaRkZYXfnPWE-ONH3pbX4pZc77yLz-cfDRtexdYrRAC3C28-rgezV5Q5UB9Trr2raXQgTUG-M6HGrxBxvRP1f2bS-yGhksYCj23ipw8q9e5Ca8YW345029K8iDgRl8_w3Z2hnBhdJXg8WaoAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_36lBHBhl-pHRHt3Hs2g0jBSC_cLg%26client%3Dca-pub-4420332636058530%26adurl%3D
Frame ID: 9CD7EA401E7968D5E96EFEA9727864ED
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTQRaAAItzcGrQuyAAg2INLsyHwDhBIJSL8TrA&u=%7CSHWe8o%2B3t3lUymJ8TzvAJjWX0r9fP34LpFnqSfXksFw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFWevj8B2CMLVoant61SefYVggU724271W5DPnMYQ7lsIFrtg_8vvWDgVzYd31o-EiqVkVYBedRisL-0FS6uUPDCc-rocsMeFvsOePxiyQU5UelePrP_YDJZTut7vs41AXg5vsrU0YrXD5C2H5Hxpt8vXtFS97Ar91U-liobbBZqda06YlmmWxOnUWfUq9T45gkw4QG2hFVCLR9HweZDgfVQ8CNPxhnVYEeZsn3hy2I5Hf-IbHdb-l5JEJPQqURrNIIFKQ91hZrp4K9jIb2dbQjX65Fdas27CjC69zoYy4BvYSe0yQah4HwC1jUJTGQprlZJAorg621NFatx6hez24KthCPTniwVALFVH92SCSHnh6WmQsUPo1cGxtSqFv5lSMVMKYysG7smMlHYqslDsMGPWyVtVb24As5cEcipqC6EFknYLtlIdmYLYPGXpu37O-cR0yVp4IeHkPiala3tR5ft5nex6vXggbp6Mgd_Z4ezvD_vIX9XsAV4_poCkEg2qs5QVWkIu9Zgb-l2ii7KeixTYdPTu3WFZfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPGKuaBE0ZbfuIrKXtOUPoOygmAjJntKxXI3w4taTAcCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDIwMzMyNjM2MDU4NTMwyAEJqQLQj0BKPMaxPqgDAcgDAqoEzwFP0DHfMzatUXWEWS4_LUpbSAtGJUr8FgUFeS21qsaQZe4WiSEVm-uKv6lwxoeMW7sRkF7TnkLQ1gXZaLH6ol0Tk48YBNWhaeXomXOBii4Wk0b1TcWxpTA74ud0QhwUTej7XxDVp5_2w2fjkoaykbIl1pcr3xVKpE5bk5et1W2B3EDuXa94VmCr1GA9oLmJHFlyW31XPQ0N9PA0BgsuoFccSWmBO7sfF0K6_FTd0Om5OjXEuVM_0-iULuAqbLeatwtDZCKaRzXScwE-4gWYwemABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0QnKPXHU1tR8t7rX8_H00f1JaokQ%26client%3Dca-pub-4420332636058530%26adurl%3D
Frame ID: 6776A8B19A7839E53E744C1836C1DF5D
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A1FF8BB70C567DBF30AF9D695A5360AE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5C1C2E8BB02B6185FC9E85C2E858D3F8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AB04B3E070B541E3F891E0AC45DA3E11
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
Frame ID: 6589FB3163D033822C02C4BA8165F943
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D1FBD922F19B2986E9A46B75EEB2BBF2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGITyr-kBMAE&v=APEucNVVFjY5aRpp_D9Zh_p1m-Ybwnah1MesirhugmMPEdwUFpdiP5gRV4Gj7t5nVNT2XeV5P3JJFfp-FtZAfTFzzNX4INncX4C4y3wIg9iuJMzxQQ79_RggDykI8kAxWpecYkPDmmauOjJN-GMnkO1cby60pq_S0QU99o5ZixC-ta8EHDM2pe8
Frame ID: 213F233328FE7FCE30D14F1580A8D327
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4826.js
Frame ID: 74EC04DFEBB32899D30CEA924EA3B748
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A0CBED5D612D79BEACF27EFA1A509D09
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8
Frame ID: 9B002772F614713E56276D5BBB96C15E
Requests: 18 HTTP requests in this frame

Frame: data://truncated
Frame ID: 41D124B684A5262420E06754E07E7620
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BCCAD228579217490A36F4873AC6EACF
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DF480DD003946D5A3CB1224DC5C3B833
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1958139614455648090/index.html?ev=01_250
Frame ID: 05E00172768305C94526B6F19C97756E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 00AF5254E698BF87A5829FA8D7FB7366
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js
Frame ID: 0FF43492FAEE94923F58813425718F62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED9740E16836828A5D800F63E34EC957
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0921F8094EFDA8A5934E4B2068B523AD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tweakdoor

Page URL History Show full URLs

http://app.tweakdoor.com/ HTTP 301
https://app.tweakdoor.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

268
Requests

93 %
HTTPS

58 %
IPv6

35
Domains

64
Subdomains

55
IPs

7
Countries

50552 kB
Transfer

55746 kB
Size

18
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://tweakdoor.com/nnn/mine.php
Title: Minecraft gear 1.19.41 571 MB

Search URL Search Domain Scan URL

URL: https://tweakdoor.com/nnn/spotyfi.php
Title: Spotify Premium gear 8.7.78 59 MB

Search URL Search Domain Scan URL

URL: https://tweakdoor.com/nnn/snapchat.php
Title: Snapchat++ gear 11.80.0 188 MB

Search URL Search Domain Scan URL

URL: https://tweakdoor.com/nnn/light.php
Title: Alight Motion gear 1.5.0 45 MB

Search URL Search Domain Scan URL

URL: https://tweakdoor.com/nnn/videostarold.php
Title: Video Star Hack gear 8.3.2 98 MB

Search URL Search Domain Scan URL

URL: https://tweakdoor.com/nnn/videostarpro.php
Title: Video Star Pro gear 11.2.8 136 MB

Search URL Search Domain Scan URL

URL: https://tweakdoor.com/nnn/videostarblack.php
Title: Video Star Black gear 11.2.8 136 MB

Search URL Search Domain Scan URL

URL: https://tweakdoor.com/nnn/ipogo.php
Title: iPoGo gear 257.0 113 MB

Search URL Search Domain Scan URL

URL: https://tweakdoor.com/nnn/spoofer.php
Title: Spoofer Pro gear 257.0 110 MB

Search URL Search Domain Scan URL

URL: https://tweakdoor.com/nnn/ps.php
Title: Import Qrcode gear 8.7.78 59 MB

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.tweakdoor.com/ HTTP 301
https://app.tweakdoor.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://is.gd/2EiU1B HTTP 301
https://tweak-box.com/wp-content/uploads/2020/02/tweakdoor-app-200px.png

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1

Request Chain 87

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTQRadIUW.vwFnOwNORGwgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1&google_hm=2

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJJxCUCcNs9wwxtHZYfhA8U&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJJxCUCcNs9wwxtHZYfhA8U%26google_cver%3D1

Request Chain 89

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MzY1OTI1NzcxNTUxMzk0Ng%3D%3D

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTQRadIUW.vwFnOwNORGwgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1&google_hm=2

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJJxCUCcNs9wwxtHZYfhA8U&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MzY1OTI1NzcxNTUxMzk0Ng%3D%3D

Request Chain 183

https://servedby.flashtalking.com/imp/1/189093;6688641;201;gifimpid;DV360;DV360FY23StockBEHCustomIntentDEDSKVID1920x1080/?ft_impID=413617B0-4FE2-5DA6-89D8-E844D16B1D21&ft_custom=&ft_c1=&ft_c2=&ft_c3=&ft_id=&ft_mliid=&ft_partnerimpid=&ft_partnerid=&ft_section=&gdpr=FT_GDPR&gdpr_consent=&gdpr_pd=FT_GDPR_PD&us_privacy=!!US_PRIVACY!&ft_creative=4438443&ft_configuration=0&cachebuster=2046188777 HTTP 302
https://cdn.flashtalking.com/xre/668/6688641/4438443/image/4438443.gif

Request Chain 203

https://fw.adsafeprotected.com/rfw/st/1475223/71249294/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-4420332636058530&ias_chanId=1&ias_placementId=20111329642&bidurl=https://app.tweakdoor.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJBfkmRAQsvlKmaEmbN5I4&adContainerId=brand_safety_ahE0ZYv2EqqyjuwPz4WLkAk&cbFunctionName=goog_wrapCb_ahE0ZYv2EqqyjuwPz4WLkAk&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fapp.tweakdoor.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fapp.tweakdoor.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4420332636058530%26output%3Dhtml%26h%3D600%26slotname%3D2168616157%26adk%3D4202454054%26adf%3D1788474492%26pi%3Dt.ma~as.2168616157%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697862016%26rafmt%3D1%26format%3D300x600%26url%3Dhttps%253A%252F%252Fapp.tweakdoor.com%252F%26fwr%3D0%26rh%3D250%26rw%3D300%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697911144401%26bpp%3D9%26bdt%3D1154%26idt%3D9%26shv%3Dr20231017%26mjsv%3Dm202310180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D7f2b3fd6b6e2da76-22f212a3a2e40084%253AT%253D1697911143%253ART%253D1697911143%253AS%253DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w%26gpic%3DUID%253D00000c9ec4ff100c%253AT%253D1697911143%253ART%253D1697911143%253AS%253DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7042892384599%26frm%3D20%26pv%3D1%26ga_vid%3D1774317112.1697911144%26ga_sid%3D1697911144%26ga_hid%3D1432763673%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1260%26ady%3D570%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759837%252C44759875%252C44759926%252C44805112%252C44805534%252C44805681%252C44805918%252C44805934%252C31078297%252C31079012%26oid%3D2%26pvsid%3D4156988072324294%26tmod%3D1560448766%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DlQCaf9Tobt%26p%3Dhttps%253A%2F%2Fapp.tweakdoor.com%26dtd%3D14&adsafe_type=d&adsafe_jsinfo=,id:d1d7f582-3edd-896e-b85d-dedb1585aced,c:rHQM7s,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-7664ffc677-hqmgz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tTls8zS+11%7C12%7C13%7C14*.1475223-71249294%7C141%7C142%7C151%7C152%7C161%7C171%7C1811%7C1812%7C1911%7C1912%7C1913%7C19141%7C1a%7C1b,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:31,oid:87158592-703b-11ee-ac4c-a6c3eccee62a,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ahE0ZYv2EqqyjuwPz4WLkAk&cbFunctionName=goog_wrapCb_ahE0ZYv2EqqyjuwPz4WLkAk&true_pb=

Request Chain 232

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDvo8efShCwCRiwCTIIQXBm2uX5Tvs HTTP 301
https://tpc.googlesyndication.com/simgad/2229373788544933868

Request Chain 234

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJkcg7rLaK9qTCWR7trXbig&google_cver=1&google_push=AXcoOmQAdHnJSfCEyO7QhxkCUIPHI0q6Bn-d9N6iAPrZAunObeRqByNnubu_3i_iOnuSm0dtD5HkgtQHxiRiYxmHOn4x2LFUlU-INcI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJkcg7rLaK9qTCWR7trXbig&google_push=AXcoOmQAdHnJSfCEyO7QhxkCUIPHI0q6Bn-d9N6iAPrZAunObeRqByNnubu_3i_iOnuSm0dtD5HkgtQHxiRiYxmHOn4x2LFUlU-INcI

Request Chain 235

https://um.simpli.fi/gp_match?google_gid=CAESELRjSwv3qR-GRh5hYJfLg4M&google_cver=1&google_push=AXcoOmTxLh3bZXk2EXh-Z9nqhhS9LS7iXZzuaTxWNZLf9zyJqCESXnTUS1-3NessduEgvKqo03mQfyDcky-ZgZtCLBy9MGqPHKY1FeQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4F1D2486DE24D9E9346A06CB1E16A9A&google_push=AXcoOmTxLh3bZXk2EXh-Z9nqhhS9LS7iXZzuaTxWNZLf9zyJqCESXnTUS1-3NessduEgvKqo03mQfyDcky-ZgZtCLBy9MGqPHKY1FeQ

Request Chain 237

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAMU0d5Aht08UMZBpnFP1lY&google_cver=1&google_push=AXcoOmR_kLQee2pq_bci_so70CPIV9ptkVlytnZwkBbn57sk3UMWv_FwN7OTmnMUtLHJUvMkW20DtIvgnQVSiau_0o0Hggh7doDsWXs HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=N8F2fy8VTR8hQtPhH56awA&google_push=AXcoOmR_kLQee2pq_bci_so70CPIV9ptkVlytnZwkBbn57sk3UMWv_FwN7OTmnMUtLHJUvMkW20DtIvgnQVSiau_0o0Hggh7doDsWXs

Request Chain 239

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEChefHzrQT8LfCIoY17H7O8&google_cver=1&google_push=AXcoOmSBTev93UZ_goGtWuvJwcwprnGKabZET8gdU1bNwlULXc4KYhIjBjcgVHJkm7lSKGiPGi_AVmFiEf4SA8u6OXVmKLULtLfynpk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBTev93UZ_goGtWuvJwcwprnGKabZET8gdU1bNwlULXc4KYhIjBjcgVHJkm7lSKGiPGi_AVmFiEf4SA8u6OXVmKLULtLfynpk&google_hm=eS1VZjdGSG45RTJwRlhPNkx0Q05Ia0RiSmRvdnV4TlVla35B

Request Chain 240

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIIIBmmVdgjX5cxIrdEHcMU&google_cver=1&google_push=AXcoOmT045dCU3azT58wMzpXjzh8gLSB0BHYBXV33bNb7oO2AjZmrFxt87_sjf4BaGCn1noTVcmRL0OwAG5Djwq59isUqs6YSnhAi127 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT045dCU3azT58wMzpXjzh8gLSB0BHYBXV33bNb7oO2AjZmrFxt87_sjf4BaGCn1noTVcmRL0OwAG5Djwq59isUqs6YSnhAi127 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 245

https://googleads.g.doubleclick.net/pagead/adview?ai=CBT05ahE0ZZTQLOili9YPwcm28Afbp-_0cPzxvcyqD7aAxoveLRABIP382yhglYKAgJgHoAHQp-maAcgBCakCNcXA-RhZgj6oAwHIA8sEqgTSAU_QYySDJnlH0a6czFVY_CvTizDx6ls7tzedH-bEQgfbldGMW73DY_5i3S0l-EibHPVcnQuoCX1DhGX9eCGW0bkzQVYFVEJ4xJLnGT7cRFSUK-iUeYRneb6SEup0JSwNvEBH29OAonYG9LFEiwihE-N7Xs6Snp4IHriVr0jATvBr35CQhGEUa8BtuRlGs8vTvAjJSVFnz0wZWABocEdltWATC5viNHFxBFYk4HSFVbAAWEOJmUuB3A1GYdb-yIpG6hmLFQ6SWSc-Bnx36XTyXVsUDMAEk4W0nowEiAXu64PbPZIFBAgEGAGSBQQIBRgEoAYugAeY2JblAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD03QbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkmaHR0cHM6Ly92aWdvby5mdW4vZ2FtZXNoYXJlL2luZGV4Lmh0bWyACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNDQyMDMzMjYzNjA1ODUzMBgA&sigh=B8psnFLJfNE&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNpcVmvGl6MJRSML-Bw6WVKA2f5ytlCf6XfmtIwGbKXkI37Lj27KOYP3XDRrz4wu7IL68AU04BIhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212914078783244813943%22,%22debug_reporting%22:true,%22destination%22:%22https://vigoo.fun%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22324686800%22],%224%22:[%2210-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212231789442714154689%22}&andc=true

268 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.tweakdoor.com/
Redirect Chain

http://app.tweakdoor.com/
https://app.tweakdoor.com/

85 KB
21 KB

498ms
163ms

Document
text/html

2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

238ff58a31efe3f345918878b077cdc6486289c38e473504968c7f72ced5aaaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 21628
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sat, 21 Oct 2023 17:59:03 GMT
etag: "15488-65336da0-6c0cbfc440d9ed80;br"
last-modified: Sat, 21 Oct 2023 06:20:16 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sat, 21 Oct 2023 17:59:02 GMT
location: https://app.tweakdoor.com/
platform: hostinger
server: LiteSpeed

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 145ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4420332636058530

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32b598ef394da87b61571ac9924b8a92bb888fbaa2b7c6815ec172fa34b01065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Origin: https://app.tweakdoor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51133
x-xss-protection: 0
server: cafe
etag: 18283634585768745117
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:03 GMT

HEAD
H2 200 / Show response
app.tweakdoor.com/ 0
21 B 163ms
163ms XHR
text/html 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 21 Oct 2023 06:20:16 GMT
server: LiteSpeed
etag: "15488-65336da0-6c0cbfc440d9ed80;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 21628

GET
H2 200 ntfc.php Show response
glimtors.net/ 13 KB
6 KB 133ms
38ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/ntfc.php?p=6492090
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a911133196bf02cab34284c78a17cd53f7c818b968d428fcf1c9b81652f7c339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 13:06:24 GMT
server: nginx
etag: W/"653129d0-32bc"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 93ms
40ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-138QWYX9BN

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8183e219177c75fd89eb8b15f446ccbbafe689462aac96da3bbdbe3822979103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 21 Oct 2023 17:59:03 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 87ms
35ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1347320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3279
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrA4GOw%2FE2X1O4%2B6wjaVeTXPxZGwfcaSobTT4UbNd1ZA5WG3I%2F1AQV%2BuQKuO71EzcuibwuQdtriXfhOMdrzdRtu7L4o9Z5U%2Fgs%2FP3R2p1zFg2rlAJSg16aLIMFYnjxUXYwUdUuJCgunQ%2FLV8rOpjhAkY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 819b64672909bbe6-FRA
expires: Thu, 10 Oct 2024 17:59:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/ 394 KB
134 KB 140ms
94ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4420332636058530&plah=app.tweakdoor.com&bust=31079012

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4420332636058530

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75cdc71ca23c08d2b3929ada433940d8c591e0b2f9b7794ceea322578b1fe9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136924
x-xss-protection: 0
server: cafe
etag: 1920962712360135029
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/ Frame 391C 10 KB
5 KB 74ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4420332636058530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 18:13:57 GMT
etag: 4569948109300706969
expires: Fri, 03 Nov 2023 18:13:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 framework7.bundle.min.css
app.tweakdoor.com/x/framework7/css/ 378 KB
52 KB 162ms
162ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/framework7/css/framework7.bundle.min.css

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

720c6a1f1b2b01efbc2e7a55e28086fd73becd0a55c33904cd599c87206465bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "5e86c-651e6b0c-c54eba19181da8a0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 53197
expires: Sat, 28 Oct 2023 17:59:03 GMT

GET
H2 200 zone Show response
glimtors.net/ 882 B
1 KB 43ms
43ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glimtors.net/zone?pub=0&zone_id=6492090&is_mobile=false&domain=app.tweakdoor.com&var=&ymid=&var_3=&tg=0

Requested by

Host: glimtors.net
URL: https://glimtors.net/ntfc.php?p=6492090

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ab7ac7916d1fedd9bb198fb6b64b9a5e888e1674110c8a9ae038f242e64d1445

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-trace-id: b21fe0e82f2d790cabe9f5b3f8bd96ee
date: Sat, 21 Oct 2023 17:59:03 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.tweakdoor.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 882

GET
H2 200 universal.min.js Show response
glimtors.net/pfe/current/ 86 KB
33 KB 180ms
90ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/pfe/current/universal.min.js?v=3.1.465
Requested by: Host: glimtors.net
URL: https://glimtors.net/ntfc.php?p=6492090
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: bba9e8453043e5730f1a6483632d22bdd659002ae323e5d15ab7e85c8a4ec9ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 13:06:24 GMT
server: nginx
etag: W/"653129d0-156a2"
content-type: application/javascript
access-control-allow-origin: https://app.tweakdoor.com
cache-control: no-cache
access-control-allow-credentials: true

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 86ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-138QWYX9BN&gtm=45je3ai0&_p=1432763673&cid=1774317112.1697911144&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697911143&sct=1&seg=0&dl=https%3A%2F%2Fapp.tweakdoor.com%2F&dt=Tweakdoor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-138QWYX9BN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.tweakdoor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
602 B 129ms
33ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=app.tweakdoor.com&callback=_gfp_s_&client=ca-pub-4420332636058530

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4420332636058530&plah=app.tweakdoor.com&bust=31079012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c6ee31e9f5e19e03fce7fe87b0887713f4b3eedfbebe3f13c5a6cc40a542dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC9F 244 KB
62 KB 733ms
732ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&adk=1812271804&adf=3025194257&lmt=1697862016&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fapp.tweakdoor.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911143502&bpp=4&bdt=255&idt=300&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7042892384599&frm=20&pv=2&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=326

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c9de87229d5bbe95706fbf7265d13ac0807cd3ccaa733aeb1f0d48f3bf10e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 62786
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:04 GMT
expires: Sat, 21 Oct 2023 17:59:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 164ms
164ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=sticky-ad&cls=sticky-tab&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 custom
glimtors.net/ Frame 0
0 45ms
45ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.tweakdoor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.tweakdoor.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 21 Oct 2023 17:59:03 GMT
server: nginx

POST
H2 200 custom Show response
glimtors.net/ 39 B
331 B 38ms
38ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glimtors.net/custom

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.tweakdoor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 34e6628acac25ee1f0d6f32e2739ca09
date: Sat, 21 Oct 2023 17:59:03 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.tweakdoor.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H3 404 sw.js Show response
app.tweakdoor.com/ 2 KB
1 KB 163ms
163ms Fetch
text/html 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://app.tweakdoor.com/sw.js
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: br
last-modified: Tue, 07 Sep 2021 18:13:05 GMT
server: LiteSpeed
etag: "999-6137abb1-956fca2e881b542a;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 912

GET
H3 200 icons.css
app.tweakdoor.com/x/css/ 4 KB
1 KB 163ms
163ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/css/icons.css

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1b35c42f3d9c589a67ca5159d7f4973981ffbd6cc3aa20d50ab348086fca596f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:03 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "103c-651e6b0c-fc320b87f4609358;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1252
expires: Sat, 28 Oct 2023 17:59:03 GMT

POST
H2 200 event Show response
glimtors.net/ 94 B
387 B 39ms
39ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glimtors.net/event

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bc1972623357c2f76ae6d42ff1870038e1a738f7bfe15c3e1748be737085dc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.tweakdoor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 1f7bf963e8cf011255e12093e80481d2
date: Sat, 21 Oct 2023 17:59:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.tweakdoor.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 94

OPTIONS
H2 200 event
glimtors.net/ Frame 0
0 44ms
44ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.tweakdoor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.tweakdoor.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 21 Oct 2023 17:59:04 GMT
server: nginx

GET
H3 200 app.css
app.tweakdoor.com/x/css/ 2 KB
755 B 164ms
163ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/css/app.css

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

733495afebc027c211c1155b4e43b6b8fbde566a4a29e11a9be42eaf504a5f6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "92e-651e6b0c-ae57a1e8ebffb7a3;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 656
expires: Sat, 28 Oct 2023 17:59:04 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
545 B 151ms
47ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=21f632ce1730474cac9e2fef9375dd33&zoneId=6492090&checkDuplicate=true&ymid=&var=

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8394005724547d111ee3482ca6687b09d0194ce51df35d99e705bb9464b1365b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.tweakdoor.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 style.css
app.tweakdoor.com/x/css/ 2 KB
804 B 163ms
162ms Stylesheet
text/css 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/css/style.css

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e06732a765d1dd119f61b2de1bdaf9f9b1b2d181e6cb129356aa4355e5291418

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "7f6-651e6b0c-dbfc3e45aa42d16e;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 752
expires: Sat, 28 Oct 2023 17:59:04 GMT

GET
H2 200 defaultSkin.min.js Show response
glimtors.net/pfe/current/ 56 KB
19 KB 46ms
46ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/pfe/current/defaultSkin.min.js
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 13:06:24 GMT
server: nginx
etag: W/"653129d0-df63"
content-type: application/javascript
access-control-allow-origin: https://app.tweakdoor.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2

200

tweakdoor-app-200px.png
tweak-box.com/wp-content/uploads/2020/02/
Redirect Chain

https://is.gd/2EiU1B
https://tweak-box.com/wp-content/uploads/2020/02/tweakdoor-app-200px.png

25 KB
26 KB

103ms
36ms

Image
image/webp

2606:4700:20::ac43:505c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tweak-box.com/wp-content/uploads/2020/02/tweakdoor-app-200px.png
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H2
Server: 2606:4700:20::ac43:505c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f80cb15e8af3bd5e4accc1a411871ea0e4618c95635a1a55df39f2999e5e6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1422268
cf-polished: origFmt=png, origSize=32096
content-disposition: inline; filename="tweakdoor-app-200px.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25504
cf-bgj: imgq:100,h2pri
last-modified: Sat, 22 Feb 2020 15:45:50 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQVDCLX7Udla%2FtZMhKQ463bancFfO4wwVIY%2BX%2FhEz75WLOW%2BfntQ5LVbug7iN6yHx%2FUv2SLQ%2FeurQ05Bhkx%2F2lQBN01VYpcDvYlU7hnD6FMbtwJkyAjrmh5btzFPDG3VT3FUuue2jCP1bEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 819b646eca9e35ee-FRA
expires: Fri, 02 Feb 2024 06:54:35 GMT

Redirect headers

location: https://tweak-box.com/wp-content/uploads/2020/02/tweakdoor-app-200px.png
date: Sat, 21 Oct 2023 17:59:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 819b646d0a755d8d-FRA
content-type: text/html; charset=UTF-8

GET
H2 200 btn_close.gif
tweakdoor.com/ 362 B
722 B 541ms
163ms Image
image/gif 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tweakdoor.com/btn_close.gif

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 11:46:07 GMT
server: LiteSpeed
etag: "16a-651ea1ff-6ab594bf380ab904;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 362
expires: Sat, 28 Oct 2023 17:59:04 GMT

GET
H3 200 Framework7Icons-Regular.woff2
app.tweakdoor.com/x/fonts/ 31 KB
31 KB 163ms
163ms Font
font/woff2 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/fonts/Framework7Icons-Regular.woff2

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/x/css/icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

417ae22e2baabe34deb1d7e2b2336607421772651f50123c58102eea49d340ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://app.tweakdoor.com/x/css/icons.css
Origin: https://app.tweakdoor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "7ae0-651e6b0c-8c72b89a20ee92ed;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 31456
expires: Sat, 28 Oct 2023 17:59:04 GMT

GET
H3 200 MaterialIcons-Regular.woff2
app.tweakdoor.com/x/fonts/ 43 KB
43 KB 247ms
247ms Font
font/woff2 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/fonts/MaterialIcons-Regular.woff2

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/x/css/icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://app.tweakdoor.com/x/css/icons.css
Origin: https://app.tweakdoor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "ad0c-651e6b0c-f004ecd735fe8010;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 44300
expires: Sat, 28 Oct 2023 17:59:04 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C03 21 KB
9 KB 1598ms
1597ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e970c60f68251135b7210191122ef1f014c7d8ae9ceb9535f0290ead09daec0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 9606
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:05 GMT
expires: Sat, 21 Oct 2023 17:59:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1024px-Green_sphere.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/5/5d/Green_sphere.svg/ 71 KB
72 KB 157ms
52ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/5/5d/Green_sphere.svg/1024px-Green_sphere.svg.png

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

02b2358ed6acbe593c7ad304fcfc368b8344f98ae7d49102813ab8933e45a06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 14:29:54 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 12549
x-cache-status: hit-front
x-cache: cp3081 hit, cp3081 hit/56
server-timing: cache;desc="hit-front", host;desc="cp3081"
content-length: 72852
x-client-ip: 2001:1b60:2:240:3247::5
x-object-meta-sha1base36: 04xfzfkelpbdibzw2kjis4bcypn2wfo
last-modified: Sat, 26 Oct 2013 14:17:29 GMT
server: ATS/9.1.4
etag: 61ffbb4b4e400eedb11ad42b0b27a5c1
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 minecraft.png
tweakdoor.com/img/ 44 KB
44 KB 842ms
484ms Image
image/png 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tweakdoor.com/img/minecraft.png

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d676e742b549cf7b4698cb9dc5be5f1734bc59313958cf9a7b7acd92a5ff3d76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 01 Oct 2023 18:25:50 GMT
server: LiteSpeed
etag: "b17a-6519b9ae-178e004627847e1d;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 45434
expires: Sat, 28 Oct 2023 17:59:05 GMT

GET
H2 200 spotify.png
tweakdoor.com/img/ 100 KB
100 KB 841ms
484ms Image
image/png 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tweakdoor.com/img/spotify.png

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0d194c47c014866f7e78e81602c04dac8840ca3fbf232602600cf828b0fbae68

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 01 Oct 2023 18:25:50 GMT
server: LiteSpeed
etag: "18ec5-6519b9ae-560463c543792760;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 102085
expires: Sat, 28 Oct 2023 17:59:04 GMT

GET
H2 200 snapchat.png
tweakdoor.com/img/ 47 KB
47 KB 842ms
484ms Image
image/png 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tweakdoor.com/img/snapchat.png

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e4cf97ac2c894373993441405711d3b8d2725ddfccab4c20a2a9ede787963919

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 01 Oct 2023 18:25:50 GMT
server: LiteSpeed
etag: "baf1-6519b9ae-c19c9e93cce5e60d;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 47857
expires: Sat, 28 Oct 2023 17:59:05 GMT

GET
H2 200 1664536987alight-motion-logo-transparent.png
freelogopng.com/images/all_img/ 273 KB
274 KB 126ms
33ms Image
image/webp 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freelogopng.com/images/all_img/1664536987alight-motion-logo-transparent.png
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ab56e51608d68bd17237e4ed5569396caec080ff01cc0fd894ba65b4295d2d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7015
cf-polished: origFmt=png, origSize=284242
x-powered-by: PleskLin
content-disposition: inline; filename="1664536987alight-motion-logo-transparent.webp"
content-length: 279806
cf-bgj: imgq:100,h2pri
last-modified: Tue, 05 Sep 2023 09:43:00 GMT
server: cloudflare
etag: "64f6f824-45652"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLBsC7Jd6S6eXAIwCaUwzC2vfwMnxbVYThhi2SZ2LWVrWKjF3IinJDTcg%2Bsz7flLSU4aJPx6UpYtkiqkXIcrgmJmi0aCzinltkSavZMcBk0he0pQO4Gx6rjkuSK4q9tfKoJsoMWkOM7rp4dcbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 819b646d49d068ef-FRA

GET
H3 404 avB6Liv.png
app.tweakdoor.com/i.imgur.com/ 2 KB
2 KB 330ms
330ms Image
text/html 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.tweakdoor.com/i.imgur.com/avB6Liv.png
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/x/css/app.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/x/css/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: br
last-modified: Tue, 07 Sep 2021 18:13:05 GMT
server: LiteSpeed
etag: "999-6137abb1-956fca2e881b542a;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7afbada23763f39a33fd45a45dd147ffd6ab337ef50c5557cd5ce206b07dabe0

Request headers

Referer
Origin: https://app.tweakdoor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 473C 84 KB
27 KB 436ms
435ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=925113182&adf=189457609&pi=t.ma~as.2168616157&w=728&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=728x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144422&bpp=7&bdt=1174&idt=7&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Rcwr77aTq1&p=https%3A//app.tweakdoor.com&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1278f565487702818dce496de808a9b2fb55ecaca66837056c824dcd9a34c811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 27265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:04 GMT
expires: Sat, 21 Oct 2023 17:59:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 videostar.png
tweakdoor.com/img/ 32 KB
32 KB 503ms
164ms Image
image/png 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tweakdoor.com/img/videostar.png

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

af66ef5099f9abb3f9de632d7e1f047d127a941cc6e8909ea37f41dedd9ef87d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 01 Oct 2023 18:25:50 GMT
server: LiteSpeed
etag: "7e83-6519b9ae-13e74681bc05a844;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 32387
expires: Sat, 28 Oct 2023 17:59:04 GMT

GET
H2 200 videostarpro.png
tweakdoor.com/img/ 45 KB
45 KB 662ms
324ms Image
image/png 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tweakdoor.com/img/videostarpro.png

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

50bb10fff463d3ba819f7754244c7dfb3afb0c85cb74adfdca55cf607cc66329

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 01 Oct 2023 18:25:50 GMT
server: LiteSpeed
etag: "b310-6519b9ae-8497a102f4966d95;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 45840
expires: Sat, 28 Oct 2023 17:59:04 GMT

GET
H2 200 black.jpg
tweakdoor.com/nnn/ 81 KB
81 KB 819ms
485ms Image
image/jpeg 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tweakdoor.com/nnn/black.jpg

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ec38cd16e873cc656540a5d387c0404573a70ed7a24a522fd1d325feab248fc4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 14 Oct 2023 12:18:57 GMT
server: LiteSpeed
etag: "14311-652a8731-8ed3771e81474be6;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 82705
expires: Sat, 28 Oct 2023 17:59:05 GMT

GET
H2 200 ipogo.png
tweakdoor.com/img/ 237 KB
237 KB 819ms
485ms Image
image/png 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tweakdoor.com/img/ipogo.png

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5d4d5b05229a872ec88f5b855e174ffd1c77a7aa8f63e410d228902fbe969cf4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 01 Oct 2023 18:25:50 GMT
server: LiteSpeed
etag: "3b282-6519b9ae-521d547c4c826de9;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 242306
expires: Sat, 28 Oct 2023 17:59:05 GMT

GET
H2 200 spooferpro.png
tweakdoor.com/img/ 209 KB
209 KB 981ms
646ms Image
image/png 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tweakdoor.com/img/spooferpro.png

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1c911bb94bbb2d57c10fca554977b8aa060cdcf0eb7679694ae3fd02b3b37c36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 01 Oct 2023 18:25:50 GMT
server: LiteSpeed
etag: "344f1-6519b9ae-6e012416b8b7cc9b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 214257
expires: Sat, 28 Oct 2023 17:59:05 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE02 35 KB
14 KB 431ms
431ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=3365500179&adk=1522550357&adf=1154629289&pi=t.ma~as.3365500179&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144441&bpp=5&bdt=1193&idt=5&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Kwt27huu6k&p=https%3A//app.tweakdoor.com&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dbe87d3ed1f5baa5a88a6f37205712fc9d94ee19648fdfb6f6fc0dc8e1bb974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14353
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:04 GMT
expires: Sat, 21 Oct 2023 17:59:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 payment-qr-with-code-scanner-scanning-phone-screen-neon-light-icon-wifi-2d-barcode-reader-handheld-wireless-qr-code-barcode-reading-glowing-sign-wi-2AH45RK.jpg
c8.alamy.com/comp/2AH45RK/ 125 KB
125 KB 120ms
34ms Image
image/jpeg 18.239.94.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c8.alamy.com/comp/2AH45RK/payment-qr-with-code-scanner-scanning-phone-screen-neon-light-icon-wifi-2d-barcode-reader-handheld-wireless-qr-code-barcode-reading-glowing-sign-wi-2AH45RK.jpg
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-84.ams1.r.cloudfront.net
Software: /
Resource Hash: 998ea69f1e7d0c9186e5de5ec6b603147dfe0255fe05f0a9b3256198d22a96e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 19:24:42 GMT
via: 1.1 eda2686dad6c190a4b0f18db47e39f0a.cloudfront.net (CloudFront)
last-modified: Tue Oct 19 2021 00:00:00 GMT+0000 (Coordinated Universal Time)
x-amz-cf-pop: AMS1-P3
age: 167662
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: e37InuL9z4FLZ5zt9MwmG7yb0i0RAx6P8gCx2DC1h3nLEyqr9Qgzqw==

GET
H2 200 5968514.png
cdn-icons-png.flaticon.com/512/5968/ 8 KB
8 KB 179ms
36ms Image
image/png 2a02:26f0:3500:11::215:14c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-icons-png.flaticon.com/512/5968/5968514.png
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14c7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 18bb59005ab0aedbd1ae6c65a0bccd81396823297b0259e22d3f9000c4bd4a7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 7863
pragma: public
last-modified: Mon, 18 Sep 2023 23:06:29 GMT
etag: "e1b20f52e806f9bf064069d9137e4402"
vary: Accept-Encoding
x-goog-generation: 1695078389590727
content-type: image/png
access-control-allow-origin: *
x-default-rule: YES
cache-control: public, max-age=31536000
x-goog-stored-content-length: 7863
x-amz-checksum-crc32c: cnfagg==
accept-ranges: bytes
x-amz-meta-x-goog-reserved-source-generation: 1676887167150932
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BBE 35 KB
14 KB 427ms
426ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=3967338117&adf=2136182353&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144457&bpp=3&bdt=1209&idt=3&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9OCzdAVM5J&p=https%3A//app.tweakdoor.com&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edcff989729e858f2cbde975ed98af64bbe9f11b848ad86c827af8a0d2d6c2da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:04 GMT
expires: Sat, 21 Oct 2023 17:59:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 76ms
23ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 10:18:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 10:18:06 GMT

GET
H3 200 framework7.bundle.min.js Show response
app.tweakdoor.com/x/framework7/js/ 568 KB
135 KB 170ms
170ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/framework7/js/framework7.bundle.min.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

16b40a62651e28eae2f9234392af7189b982b5cbe8ee5f5be1ef8cef962c5f22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "8df8f-651e6b0c-979646408d92c503;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 138019
expires: Sat, 28 Oct 2023 17:59:04 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/ 159 KB
54 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/reactive_library_fy2021.js?bust=31079012

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

117fdee81c777adacc62e46a06ac440654f8f58de9310c2d20015171d747c198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55347
x-xss-protection: 0
server: cafe
etag: 17746861480379923535
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame DFFF 10 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 18:13:46 GMT
etag: 4569948109300706969
expires: Fri, 03 Nov 2023 18:13:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame 34ED 10 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 18:13:46 GMT
etag: 4569948109300706969
expires: Fri, 03 Nov 2023 18:13:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame DFFF 4 KB
1 KB 88ms
32ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 16:43:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DFFF 205 B
649 B 83ms
24ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 15:33:28 GMT
x-content-type-options: nosniff
age: 8736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 20 Oct 2024 15:33:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DFFF 604 B
696 B 83ms
24ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:36:09 GMT
x-content-type-options: nosniff
age: 116575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 19 Oct 2024 09:36:09 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame DFFF 15 KB
7 KB 82ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98fefe7f547279bd255dc14dc672ff50e5b5d330f6ae9d2fc3b0784be4b40de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6582
x-xss-protection: 0
server: cafe
etag: 15902073051392820161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 23:10:47 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame DFFF 20 KB
9 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 18:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 18:05:56 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7978 624 B
246 B 73ms
68ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY4MCHvQEwAQ&v=APEucNWbZDDMZFcH6wZ0PaBcXuClJLRtcoFw6O0bEtVpNPojNFz85XifRAo0Tzbwnc5lXCmOygEr_dEriUgjfiZLjcSJdonPzabH4RodwOXs_E3mmqHlr-e_o_M4I5_Jq9zLWHVk9EAKU-7P-bUnoTej7aNPYYVh2PoZqKsG8eHyrT5VAmSAtI8

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:04 GMT
expires: Sat, 21 Oct 2023 17:59:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9A5F 89 KB
31 KB 122ms
117ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 9A5F 2 KB
1 KB 107ms
23ms Script
application/javascript 2a02:26f0:480:15::213:7e52
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4172027&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0i4OGzC22M13cbfqMrqLNGO&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15170489244&DVP_DBM_4=396484704&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=762280502321&turl=https://app.tweakdoor.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:15::213:7e52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:59:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:44 GMT
Server: UploadServer
ETag: "56f95dec40f6402642b5537aa29ad91c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sun, 22 Oct 2023 17:59:04 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 9A5F 9 KB
4 KB 110ms
25ms Script
application/javascript 2a02:26f0:480:15::213:7e52
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0i4OGzC22M13cbfqMrqLNGO&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15170489244&DVP_DBM_4=396484704&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=762280502321&turl=https://app.tweakdoor.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:15::213:7e52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b1a22bca2e94ac819868674685b19dacadb2888e6099876d6e101ccaf2b17993

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:59:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 12:35:35 GMT
Server: UploadServer
ETag: "feed0819b127152e53765dac6c4fa8da"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Sat, 21 Oct 2023 18:14:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 9A5F 3 KB
1 KB 68ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 13:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 13:29:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 9A5F 20 KB
8 KB 46ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A5F 187 KB
59 KB 92ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A5F 42 B
63 B 167ms
163ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2YWbWH2IISJI_QcXN03J-j-qv-WCrPgZXyaAn4TjBgmOT4bOfo5xh2h4s0BI6msAbdw4gix0TQQp-CFCPbSCOyt7SnxP6JFB0a4Nx7L9JLwy_j_w

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A5F 0
20 B 167ms
164ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8092193803626570866&x=1&ct=77

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 473C 23 KB
9 KB 51ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=925113182&adf=189457609&pi=t.ma~as.2168616157&w=728&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=728x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144422&bpp=7&bdt=1174&idt=7&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Rcwr77aTq1&p=https%3A//app.tweakdoor.com&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 473C 8 KB
823 B 39ms
35ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 17:21:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/ Frame 473C 15 KB
3 KB 129ms
23ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 14:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 10:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 14:10:09 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/ Frame 473C 372 KB
129 KB 130ms
24ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed307b9176ce74e8ec5cd56461795d1c63e3a2df73afe3dbb03731e20a8e7101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 14:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272936
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132010
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 10:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 14:10:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 473C 20 KB
8 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame AE02 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=3365500179&adk=1522550357&adf=1154629289&pi=t.ma~as.3365500179&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144441&bpp=5&bdt=1193&idt=5&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Kwt27huu6k&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 13:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 13:29:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame AE02 20 KB
8 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE02 187 KB
59 KB 107ms
71ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 6BBE 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=3967338117&adf=2136182353&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144457&bpp=3&bdt=1209&idt=3&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9OCzdAVM5J&p=https%3A//app.tweakdoor.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 13:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 13:29:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 6BBE 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=3967338117&adf=2136182353&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144457&bpp=3&bdt=1209&idt=3&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9OCzdAVM5J&p=https%3A//app.tweakdoor.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BBE 187 KB
59 KB 117ms
91ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=3967338117&adf=2136182353&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144457&bpp=3&bdt=1209&idt=3&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9OCzdAVM5J&p=https%3A//app.tweakdoor.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9CD7 140 KB
47 KB 266ms
149ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTQRaAAIhoEGrS4WAAoL3zOyc6h4SCIeR87j-g&u=%7CSHWe8o%2B3t3l3QDaEFyO5wcmYArc3lK33J55%2FU7TsKV0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFV7V8__Or_Hq7YrUcrGQm3G8VawK9pcMFJRfkwX4Dbg4gky-g1kXhABx2X4aXEhK1x2-QOGzkaIwAI09ujDGP-mOFZURJEHv9X4QIQnJq23vcLOPs9fJB65B9zSuynUxffOheoYxcdjULKRPAL8mWgaD9yczNo7BxIKg3jd-jCZ3MFLbH3qYl3oqNqISDY0xc9EE-8HZ3mnrFoWyL2tiNZsoXIQibMVJK8NKvV9vCeI5g7RbubnyBbE4oofCE_qvl8OKDReFyMAXezhAILV3_7D1XXDJv3uAIaUBLSeVt5-HFJ34j-CO6F9c8OZsP_Bsns8NNFJToyHN7Qbs9MKi-TuxU9cJhhYgagpCPu1vdlKTSq2iae4giVJWWlaNjXimBW8N38h9900TJl0IbRzd_FKAFoB9U1Yv4BcE_4d4GN09M7XkA6q51yd4EoJv_823UL8sHcERjBVatlAG0cf5WMo38OpXjNvZmL3f_gFRwtQ973MflaolwO34Hpki6AoCXE3pT1mOeyH-hHvn87f5oOhimzP2LdW7eQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvhJCaBE0ZYGNIpbctOUP35eo4AHJntKxXPXalvdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTQ0MjAzMzI2MzYwNTg1MzDIAQmpAtCPQEo8xrE-qAMByAMCqgTJAU_Q4h-qhSqEQCVB7H8IVQXc66BZ5IQZdZAeK5Z1N6PqA4RvZVGlvRKKj1Rc4B3UkESd7Uh0vr_n5Yd761VWfCi6F8Pyi5b8jaxB2bkMatk-BIS-Z-K3dn-SGZJOCp8uaRkZYXfnPWE-ONH3pbX4pZc77yLz-cfDRtexdYrRAC3C28-rgezV5Q5UB9Trr2raXQgTUG-M6HGrxBxvRP1f2bS-yGhksYCj23ipw8q9e5Ca8YW345029K8iDgRl8_w3Z2hnBhdJXg8WaoAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_36lBHBhl-pHRHt3Hs2g0jBSC_cLg%26client%3Dca-pub-4420332636058530%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6750766d21267e2d6cf14d611b62e7508bfc60210eef645c1f0d68a9d02e7890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=-_XsaqzgpAMQvBrGIDB6ZOJmEnuXcJF9t6XRS8cUuWtPjQLg3aP7xGEp9P7cpW4fY4jy-xpp2f_kfiCCFxnuZHqcvnx75ff6yBAmMNn5uzw6aCgmR_P_pFW8cpQPQLKcXAQZvkwaKQJJLkHIzlpwnnFwDWsVVMgym-kt3T-FneG_VtpyJ3ys9BnehbnYLrBvWTrEIaxhE0K6mnEZLsnxYPpxc_3fImqX7yw8C9yjtv8ENv2d09qNGzp0Lem7Z66OvKu54A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 49703587
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6776 122 KB
43 KB 194ms
84ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTQRaAAItzcGrQuyAAg2INLsyHwDhBIJSL8TrA&u=%7CSHWe8o%2B3t3lUymJ8TzvAJjWX0r9fP34LpFnqSfXksFw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFWevj8B2CMLVoant61SefYVggU724271W5DPnMYQ7lsIFrtg_8vvWDgVzYd31o-EiqVkVYBedRisL-0FS6uUPDCc-rocsMeFvsOePxiyQU5UelePrP_YDJZTut7vs41AXg5vsrU0YrXD5C2H5Hxpt8vXtFS97Ar91U-liobbBZqda06YlmmWxOnUWfUq9T45gkw4QG2hFVCLR9HweZDgfVQ8CNPxhnVYEeZsn3hy2I5Hf-IbHdb-l5JEJPQqURrNIIFKQ91hZrp4K9jIb2dbQjX65Fdas27CjC69zoYy4BvYSe0yQah4HwC1jUJTGQprlZJAorg621NFatx6hez24KthCPTniwVALFVH92SCSHnh6WmQsUPo1cGxtSqFv5lSMVMKYysG7smMlHYqslDsMGPWyVtVb24As5cEcipqC6EFknYLtlIdmYLYPGXpu37O-cR0yVp4IeHkPiala3tR5ft5nex6vXggbp6Mgd_Z4ezvD_vIX9XsAV4_poCkEg2qs5QVWkIu9Zgb-l2ii7KeixTYdPTu3WFZfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPGKuaBE0ZbfuIrKXtOUPoOygmAjJntKxXI3w4taTAcCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDIwMzMyNjM2MDU4NTMwyAEJqQLQj0BKPMaxPqgDAcgDAqoEzwFP0DHfMzatUXWEWS4_LUpbSAtGJUr8FgUFeS21qsaQZe4WiSEVm-uKv6lwxoeMW7sRkF7TnkLQ1gXZaLH6ol0Tk48YBNWhaeXomXOBii4Wk0b1TcWxpTA74ud0QhwUTej7XxDVp5_2w2fjkoaykbIl1pcr3xVKpE5bk5et1W2B3EDuXa94VmCr1GA9oLmJHFlyW31XPQ0N9PA0BgsuoFccSWmBO7sfF0K6_FTd0Om5OjXEuVM_0-iULuAqbLeatwtDZCKaRzXScwE-4gWYwemABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0QnKPXHU1tR8t7rX8_H00f1JaokQ%26client%3Dca-pub-4420332636058530%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=3967338117&adf=2136182353&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144457&bpp=3&bdt=1209&idt=3&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9OCzdAVM5J&p=https%3A//app.tweakdoor.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8eeff2dc1fec78d5b80a1085be44f06312e1fd6eb0bf18207beeca840f560530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WXDM_azgpAMQvBrGKlDjK6y6YzwqBZsfSFpJ83aTd4m8easvwoExfZcOpBOWQWixvuFtuPC3n0j44k-oSe5ztsM7SpehKfGPTfLKa7PmJY3lq4Ht5Fa4MzzAF17HHMGNobYziyXfZiXHTF5Tn5mj_a_rGxIrMsD4ISzmnOTS4Tv8GHCbxxIzEJ4GzvmQAJnCN_xtpmbdEcO6HBZRkDvOeyNO2LFnvc-_7mKlfhSVe_zDsmt4N7SD30qEy6Ie0XgGlHMArg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 42395104
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame A1FF 14 KB
1 KB 34ms
33ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 17:33:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame A1FF 2 KB
879 B 28ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame A1FF 23 KB
9 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C1C 143 B
166 B 36ms
32ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:08:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame A1FF 3 KB
1 KB 33ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 13:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 13:29:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame A1FF 20 KB
8 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1FF 187 KB
59 KB 76ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:04 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame A1FF 35 KB
15 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 00:02:34 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7978
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1

43 B
333 B

49ms
47ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY4MCHvQEwAQ&v=APEucNWbZDDMZFcH6wZ0PaBcXuClJLRtcoFw6O0bEtVpNPojNFz85XifRAo0Tzbwnc5lXCmOygEr_dEriUgjfiZLjcSJdonPzabH4RodwOXs_E3mmqHlr-e_o_M4I5_Jq9zLWHVk9EAKU-7P-bUnoTej7aNPYYVh2PoZqKsG8eHyrT5VAmSAtI8
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp5aVNq5xNHnuSVVumtv8ipS7wmez2ffqDaOZEoEvEz1uqnGXfEOs3GOV29QlGln7fsljZaH4Zq08jJmJY%2FVw9KnXjc2iM2KptAe1bgn8MC7xxeCXCtzXYSeE04TZfWjsi38viNap2CbXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819b64712aaf1d8a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7978
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTQRadIUW.vwFnOwNORGwgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1&google_hm=2

43 B
774 B

46ms
46ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY4MCHvQEwAQ&v=APEucNWbZDDMZFcH6wZ0PaBcXuClJLRtcoFw6O0bEtVpNPojNFz85XifRAo0Tzbwnc5lXCmOygEr_dEriUgjfiZLjcSJdonPzabH4RodwOXs_E3mmqHlr-e_o_M4I5_Jq9zLWHVk9EAKU-7P-bUnoTej7aNPYYVh2PoZqKsG8eHyrT5VAmSAtI8
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96X%2FkCO%2F%2B7XvYnZ7H8Rq1A4OlNRkLjHD8qGfeauBEGDDV3okfAVkSh8QCJekK7nro%2BBTmm8dDm9VeodxbArjDUZjZd6Qb821XrNhULjxHw%2FPcauAnzSjNByRV1sfSnr3go46mo4JO4K%2BNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819b6471da159951-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 7978
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJJxCUCcNs9wwxtHZYfhA8U&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJJxCUCcNs9wwxtHZYfhA8U%26google_cver%3D1

43 B
891 B

39ms
35ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJJxCUCcNs9wwxtHZYfhA8U%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY4MCHvQEwAQ&v=APEucNWbZDDMZFcH6wZ0PaBcXuClJLRtcoFw6O0bEtVpNPojNFz85XifRAo0Tzbwnc5lXCmOygEr_dEriUgjfiZLjcSJdonPzabH4RodwOXs_E3mmqHlr-e_o_M4I5_Jq9zLWHVk9EAKU-7P-bUnoTej7aNPYYVh2PoZqKsG8eHyrT5VAmSAtI8

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
an-x-request-uuid: c42f5575-6fd5-4af2-aed0-ec71dccc5458
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
an-x-request-uuid: eb95317a-69bd-4118-8b85-df317794b591
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJJxCUCcNs9wwxtHZYfhA8U%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7978
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MzY1OTI1NzcxNTUxMzk0Ng%3D%3D

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MzY1OTI1NzcxNTUxMzk0Ng%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
an-x-request-uuid: f73f0741-6f18-40f8-bd03-8c8676569610
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MzY1OTI1NzcxNTUxMzk0Ng%3D%3D
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6BBE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08277439bd8ce6ab955a823c410fd1ca6cf33dd8a9de077eee83adf5ee93e1fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A5F 0
20 B 164ms
163ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5487038228252&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A5F 0
20 B 168ms
167ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5487038228252&version=m202309260101&ct=77&x=1&cor=8092193803626571000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9A5F 16 KB
12 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhBzb8XuWV8-AvguTiYdH72DtIW1RpJoy2_rmbwTrhvIHIsa60AubmfT3gIMEXrGE8CHxpM-F_Gr2nvbQ9rvsrg1rGwvTI4KZpUm3e_p8mXWi_xGjbqyDvft502N3NmHTs_aoct27eaHOKfMp2icA3FziqdleuvRCxFs4BudKainyGDfI&cry=1&dbm_d=AKAmf-BJqHROvGHkAqRqyZPxR0BBfkcJChYz6RAsmqhh3RkZroCt0sO-3pfbFvDmD5pbQlqYmPIRU_3zcDY_GHH-QMgqrgHjcrNrsSZTz2420yhfBW1okQf1J-lzBfb0zamtwRWWTkoZFVqxWPljhXps9_9au3G4asmK_tSyjnnW5q_6U3FiW-ReZSi9enc97vJFZE1_In3xs1EejbTFhskfzXAkpf-83IJhnfNx1NYe76-DYjpwUimo1IWw5gocdDX1EsneoPcMTFWwypG4ptwNVV3foI56JTm_A0L3q35x81Wk68XP9ht3Y5EafMEperHjGtWX-OMB3O3jLwX4l_qAs3RLWDEX1faVvaVnZQXaGuQjNDletaKGC2Gax6q5WkQfBwi5V8-iLWUiyGoabw24gmdGIMdtG-dRZRtXpim2rOZvY8CD7FjAarQ-mJmiqiCej7EVJz9GLdFfJQoyMn1ZS_99aICadjHQKXdAZQaghCf51sHF16Xg7TryGSqA_0W1aAGCDjfbnKMXrHlc3VI3M6RSRla5x_9D8OumIDAe6pCFnptRAsGP8BQXhf1fmSU2pHwQuCbxcLbRyKvHWCN2_uM0jbTd5HR0ou8eSS_gmT-z6ueaP9DTSkFrQZqtQ_B1Gm2kSZlgT8Vioj01FnVC0NvTiBhpphFCovgZ6atFU4UHZwqa6H0umI10VKCoHSHgxRVpbXyLaFBpm4Dk3yYiPZXqIjLaSKqlgmK7UQE3lkHPLwEwpwGhdOxVsyvqfpy04fK5U8iEhiRGYEbmjTNEASRMI7CWUx_y7Lb4bWS2oUOWSjv2ady2DnS2ZyoAZPrJskWN7kPh0f3Afu00i9_f6SAkjF5KaUdpSivuW0lkatox4xM6LtAaAiq-3lCLZZ1vINFnRXKIQQokFS2hL13vpHiT-bXwi1mgnLjGDjlnAEKH5gSSSnbalsjSZTIDLR32bGYSbfG_NQn-FfPj6fOn90SIq24ssfNJFTPyRuiMWpclEGgCDL8_UgwIjNDGZBfxoti64MeAxyhoHMO89c8LZZc-h5c2c7LoDJWPsE2u0mQyjHewg43zvuzB6M3GQG597oPH_OinHJxGMtB_pQtsPdfX2jx_nrvhloi2ZY6Z6UuCOuDFp_yP0WLnzAgenu0aSJzvA8S70L--nwx2YagO-TsQNdG7KOt3c1673N29aew3syj0ELOeOe7GFrNxXCefZm0ONXU4PH7hjY14ZVHDnHSOm1mhj-u3DCce3ui3ThjDMgzZyR69qsYkwxcmFoSjeEz8mq2C-RBFlADgPOgNYUZjurn-8BUi8MvenNa9YUF01uvJ3Y1ZUXzwoL-Zprl7rAo_-nhVuEj3SQ3fBRrmX79NX0ftM5XRGW8jUlzydwrKURj-LhpgVaqQXguaQbjMWnQUELuYpUtWPHN6P_oab7tm-atuyrrCA2iWA4uCMQZGz9Z7gfGcpHc8MuJDHAMYBTLA0A-TU71PdWx85dmzmao1zD3tmad-OBi0CJ4yOX13dwZ94tV3xZ9wf0oOsYlDJMavV9rifoXY40Mnv6biosCewlu7KXF0MXKLdQM3fqUEZCDATxGNkfiA9xZu6MQPiX7FCsdHrfDkYVR8cqdHVlt2JZS26euU3vV0wKan9n-rpEmWv7RjvgDJQqt7-9HTNQ8iMF-R9jC0Vc9JUCASw8Qa6o5ECNObRbnvEwsCc4myyuJLH7eQ7K8aIFdHGRwEcbfdDqtsDzEgRVqmGBvm6lMQhiXTGxrgmArI7VA38rasAqxdJzlcP7nxuj7dgsBSTgTAsHcM81nBMRnaT301G8ozVMdaWugVbKGqFeuBxGGWGcxTmGl68X4xqgmEkBV1w1N4skELWjwLz6z75Vi5ME4eRxSeWKlClI1jlQQrCA045DF3Sf-K9C2VzDMOA0bbWF7pwTvaV5WmFUJf7eoQ00NfgZIyyB-X9fL3VV-1ZlztB0Qpw3mFV-O2boUg35Ew0lT5tKzqqoWL3OJGc_NO0ATNEqLRygVHzgikKIskr8YzPTByWtliD8PghNk_zSr2a4CbIGWhHwlnTw9Uk3jJWYD7_5g_F0OYgnuS9RMZZZviwV4FKlBmvgPcYNiO1ZSMbUKCqkY3M3_X4rIsSCLJZNR1tBqwsULvYGim6lB0qk-0y9lIxkIJIEZDRQX36XQwGCRG2NJt-z7l9qavv6_5SRrRjlT8hAuCb_MS7ML-_c-xsDYpCWGxPz_0hPeAUngH_E8pqVU9z6uNfo_L-P5RtuVJKeOAVCHevyrDOncXmCe6Fjvr4iNa2Hv50_3eVJM_iW-ARUbDQIa86MeuqgBCmF6d6uJwLhXv1KWmcRkpKMVbQbMXNAaUUsDDxAI-7QyzHGNyYL5-yv87TTL7zpAUCgIsCRXQODJEzyBLnJFHE7au2qniwME555ESFS9WU_ScE8QsBQTEi5fRhBtIs72BIFWj9hoEMwTA8Pk8fqwNaKnFmG1-vYjxcbcDGQEAOGx2OPrMN0qVARGh2yZiCgQ8aK1vvdwr-yZp1e0ALTcziMbGtZommgcQbbZVpcMDm9-mz0ZqOUZsSSoe87l3vE5kKlmAw0XP1JuEEhnPphwqg_n5NPN-4kdo6XcDRgAwcyvI7Q9qgFz6voWkZJLRY1gJ4RlO1RnH8zHrEsp00-It7Fqtb-CPCJ38ZKpWf4-HrcPl23Q4XfKtDyhnXBbUw3GRYVAk7VVs1dvmfUvAjDqE1C8UjU0f8TLIuDUH2AESNejB8aS8WoPlECLWcoJAyB0Vwc32e1xhkkKRLURKxG0FIcEhoEjC_7QtG54HtD9KP013uoAoY-sM7AQnJ5O5GwUIIDvU1dPfOr8I0Wp09k6gLd-cHqeUnEUaE3GdnoCp77gnMn4vxaoGBCS-mann96IcIaJ86TwrXxyd8FDFWBdkOLxhkKp_JXLGeJmlyx7-RHoiicF9I08QaaCySZ6vFPBlgCLYz5rsh5lH_HFTM0whDEM0Xu96dtuY0K658AcJ5g1Xhi-T8a-YTWWsqBB9QvpoXPm7NEOQML9slJ1uteIrDgH1VDwt9RFzU3M7hGXtZ0qU1a1ZFMKETlgESonXO9edie0s749VjHdgmOYN4RHRioQLk5SKoiuIu_Xdgf61f-hvuvVW-luew4XlqefQa5PrVrZv33hsItonySPhk3ECHa0kTEQ8e0M_TUfIIj602J6heT65gZ2i-5mMtkLNund0KkYyUkMovALXfJnyTg3jvbdPJe49NqcGVRT3QE-iEGkXK26KZ4zEqRbvI7N9XCU4QPSRE-iWqxhezpEKNzpx22u38IF_99hGvcjzRyTEyBfKMFuYEJwsMqcv8Yu6RfzVvNMyssVYQj_UPc9KpAQos9CEX3MbPZ6nPNteFNjCFiyPlyRl44zT-AbclwqPq8yLLeXCMxcFQwnm1hyV_Fh8fXJfqJXBoW-aNC1Tn2OiO9OwJyQVyCL9JRs18047Tv1pocE0MiAL3erGXjrwS_jwy6AluIa5LhGnS2HCuVugyUOTvPs8UEMGLdx4FlOpca8IayxywPNmwvteU1y08R2TsbWQj_7magYL3HjBssAP5vk8F9tC1b-ldt3cNn1iPYzCsnt-zc8bYmVnUiydfB1dV_4_NFUPYGMq8hncNeFt2yPL-_YDHvfcgrPJe7RfgfAQToZt-lJUFKkyBUrfDM9s3nE6w4DLwQ4EXERBkxFAv96jw3lukJSWalwCaIfNsUN3d3vLZUIL_ZPdQtfngzO-_uv_YvI3sh3fmv1IMeXlSU8oeIh6JSiS&cid=CAQSTADICaaNFouR-KNGFnIah-F3QJf5gstLv2cEcT0lSw9prJqtEuRCxcoGmx5Hg7y9e1ysVvEU8iT_N7SADReZ5T_fDgZxFyTxiPXctpEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fapp.tweakdoor.com%2F&ds=l&xdt=1&iif=1&cor=8092193803626571000&adk=929882891&idt=130&cac=0&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7b0697f95dabd66edbfefcf7c37e27f6137b33b39a89dd17d191bc733207367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12371
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AE02 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7596687e7da6a274ec7a55ffd9080fe970167053bbf83e85e2762b73f6afae16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C1C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
50ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:05 GMT
expires: Sat, 21 Oct 2023 17:59:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6776 2 KB
1 KB 119ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTQRaAAItzcGrQuyAAg2INLsyHwDhBIJSL8TrA&u=%7CSHWe8o%2B3t3lUymJ8TzvAJjWX0r9fP34LpFnqSfXksFw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFWevj8B2CMLVoant61SefYVggU724271W5DPnMYQ7lsIFrtg_8vvWDgVzYd31o-EiqVkVYBedRisL-0FS6uUPDCc-rocsMeFvsOePxiyQU5UelePrP_YDJZTut7vs41AXg5vsrU0YrXD5C2H5Hxpt8vXtFS97Ar91U-liobbBZqda06YlmmWxOnUWfUq9T45gkw4QG2hFVCLR9HweZDgfVQ8CNPxhnVYEeZsn3hy2I5Hf-IbHdb-l5JEJPQqURrNIIFKQ91hZrp4K9jIb2dbQjX65Fdas27CjC69zoYy4BvYSe0yQah4HwC1jUJTGQprlZJAorg621NFatx6hez24KthCPTniwVALFVH92SCSHnh6WmQsUPo1cGxtSqFv5lSMVMKYysG7smMlHYqslDsMGPWyVtVb24As5cEcipqC6EFknYLtlIdmYLYPGXpu37O-cR0yVp4IeHkPiala3tR5ft5nex6vXggbp6Mgd_Z4ezvD_vIX9XsAV4_poCkEg2qs5QVWkIu9Zgb-l2ii7KeixTYdPTu3WFZfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPGKuaBE0ZbfuIrKXtOUPoOygmAjJntKxXI3w4taTAcCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDIwMzMyNjM2MDU4NTMwyAEJqQLQj0BKPMaxPqgDAcgDAqoEzwFP0DHfMzatUXWEWS4_LUpbSAtGJUr8FgUFeS21qsaQZe4WiSEVm-uKv6lwxoeMW7sRkF7TnkLQ1gXZaLH6ol0Tk48YBNWhaeXomXOBii4Wk0b1TcWxpTA74ud0QhwUTej7XxDVp5_2w2fjkoaykbIl1pcr3xVKpE5bk5et1W2B3EDuXa94VmCr1GA9oLmJHFlyW31XPQ0N9PA0BgsuoFccSWmBO7sfF0K6_FTd0Om5OjXEuVM_0-iULuAqbLeatwtDZCKaRzXScwE-4gWYwemABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0QnKPXHU1tR8t7rX8_H00f1JaokQ%26client%3Dca-pub-4420332636058530%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6776 2 KB
1 KB 120ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6776 308 B
636 B 68ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6776 293 B
621 B 95ms
73ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6776 43 B
348 B 113ms
31ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ACDGT96CE6D-1zVCyUDLT1rTLHStdzpzsRs8HFkmk5C_93aA5mngS6qcSAstGAXiDNGa6JlwZlfAVpapyPfzi5xb-oRluKYy07-WtPpLjFNWOpwxVryvO4lgaQjNdVwXIldoYnl3GEVlln21_vtYYJTCwL9EIr8SXXYTVxx8vCTrioFnm-KI-krwPXU9S6KM0TQ8WPFnriExnKPIyw1cTmdh2HpqjGGWSMfORuOU1qdytvdbpFc6lijVzfG0lis2cgmM4_sYvIv2-5mcmZE4rXvRtOk--9nmi3F1RfXK23TapewzNUAovrYrwxW4-0d-Cg7B2Fkr3AjCkQxvu-Mw7JTUtB0lAMRvE1tlelfIUiGWu0g1qvcPKXLZb-6z4l_jvWH5GYy1_sW9dBx-lQoss50PLiIfoIrONphpRxWUuEHUBJgnH9ZkVnE0BaJ0BMtzD_hPsA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1513245
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6776 12 KB
6 KB 60ms
44ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AE02 0
19 B 70ms
68ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci51baBE0ZYGNIpbctOUP35eo4AHJntKxXPXalvdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTQ0MjAzMzI2MzYwNTg1MzDIAQmpAtCPQEo8xrE-qAMByAMCqgTGAU_Q4h-qhSqEQCVB7H8IVQXc66BZ5IQZdZAeK5Z1N6PqA4RvZVGlvRKKj1Rc4B3UkESd7Uh0vr_n5Yd761VWfCi6F8Pyi5b8jaxB2bkMatk-BIS-Z-K3dn-SGZJOCp8uaRkZYXfnPWE-ONH3pbX4pZc77yLz-cfDRtexdYrRAC3C28-rgezV5Q5UB9Trr2raXQgTUG-M6HGrxBxvRP1f2bT8ykn2MRNz5t555BAxW3k-_6K9VZcY7C2WxjnDAUMpS3D_zINpt4AG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ0MjAzMzI2MzYwNTg1MzAYAA&sigh=0pQdlpIs4fY&uach_m=[UACH]&cid=CAQSSwDICaaNGrmQesHyAC0DUR67Gux5ZbNJSgZnYuFqxB3_U3OIYz10NOofNWpiRHuzLGRPyaLoVhLouSkBQL2txEXkqtkKtJ6gViTFcBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=3365500179&adk=1522550357&adf=1154629289&pi=t.ma~as.3365500179&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144441&bpp=5&bdt=1193&idt=5&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Kwt27huu6k&p=https%3A//app.tweakdoor.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 21 Oct 2023 17:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame AE02 0
126 B 153ms
35ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RLAJmAKdg2ICAgAAABoyXc2rZe32EGgRNGXxXSdwhUiKqyuDAAASAAAKCkFRVUJBUUVCQVE&wp=ZTQRaAAIhoEGrS4WAAoL3zOyc6h4SCIeR87j-g&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 129203
server: Kestrel
content-length: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A5F 41 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhBzb8XuWV8-AvguTiYdH72DtIW1RpJoy2_rmbwTrhvIHIsa60AubmfT3gIMEXrGE8CHxpM-F_Gr2nvbQ9rvsrg1rGwvTI4KZpUm3e_p8mXWi_xGjbqyDvft502N3NmHTs_aoct27eaHOKfMp2icA3FziqdleuvRCxFs4BudKainyGDfI&cry=1&dbm_d=AKAmf-BJqHROvGHkAqRqyZPxR0BBfkcJChYz6RAsmqhh3RkZroCt0sO-3pfbFvDmD5pbQlqYmPIRU_3zcDY_GHH-QMgqrgHjcrNrsSZTz2420yhfBW1okQf1J-lzBfb0zamtwRWWTkoZFVqxWPljhXps9_9au3G4asmK_tSyjnnW5q_6U3FiW-ReZSi9enc97vJFZE1_In3xs1EejbTFhskfzXAkpf-83IJhnfNx1NYe76-DYjpwUimo1IWw5gocdDX1EsneoPcMTFWwypG4ptwNVV3foI56JTm_A0L3q35x81Wk68XP9ht3Y5EafMEperHjGtWX-OMB3O3jLwX4l_qAs3RLWDEX1faVvaVnZQXaGuQjNDletaKGC2Gax6q5WkQfBwi5V8-iLWUiyGoabw24gmdGIMdtG-dRZRtXpim2rOZvY8CD7FjAarQ-mJmiqiCej7EVJz9GLdFfJQoyMn1ZS_99aICadjHQKXdAZQaghCf51sHF16Xg7TryGSqA_0W1aAGCDjfbnKMXrHlc3VI3M6RSRla5x_9D8OumIDAe6pCFnptRAsGP8BQXhf1fmSU2pHwQuCbxcLbRyKvHWCN2_uM0jbTd5HR0ou8eSS_gmT-z6ueaP9DTSkFrQZqtQ_B1Gm2kSZlgT8Vioj01FnVC0NvTiBhpphFCovgZ6atFU4UHZwqa6H0umI10VKCoHSHgxRVpbXyLaFBpm4Dk3yYiPZXqIjLaSKqlgmK7UQE3lkHPLwEwpwGhdOxVsyvqfpy04fK5U8iEhiRGYEbmjTNEASRMI7CWUx_y7Lb4bWS2oUOWSjv2ady2DnS2ZyoAZPrJskWN7kPh0f3Afu00i9_f6SAkjF5KaUdpSivuW0lkatox4xM6LtAaAiq-3lCLZZ1vINFnRXKIQQokFS2hL13vpHiT-bXwi1mgnLjGDjlnAEKH5gSSSnbalsjSZTIDLR32bGYSbfG_NQn-FfPj6fOn90SIq24ssfNJFTPyRuiMWpclEGgCDL8_UgwIjNDGZBfxoti64MeAxyhoHMO89c8LZZc-h5c2c7LoDJWPsE2u0mQyjHewg43zvuzB6M3GQG597oPH_OinHJxGMtB_pQtsPdfX2jx_nrvhloi2ZY6Z6UuCOuDFp_yP0WLnzAgenu0aSJzvA8S70L--nwx2YagO-TsQNdG7KOt3c1673N29aew3syj0ELOeOe7GFrNxXCefZm0ONXU4PH7hjY14ZVHDnHSOm1mhj-u3DCce3ui3ThjDMgzZyR69qsYkwxcmFoSjeEz8mq2C-RBFlADgPOgNYUZjurn-8BUi8MvenNa9YUF01uvJ3Y1ZUXzwoL-Zprl7rAo_-nhVuEj3SQ3fBRrmX79NX0ftM5XRGW8jUlzydwrKURj-LhpgVaqQXguaQbjMWnQUELuYpUtWPHN6P_oab7tm-atuyrrCA2iWA4uCMQZGz9Z7gfGcpHc8MuJDHAMYBTLA0A-TU71PdWx85dmzmao1zD3tmad-OBi0CJ4yOX13dwZ94tV3xZ9wf0oOsYlDJMavV9rifoXY40Mnv6biosCewlu7KXF0MXKLdQM3fqUEZCDATxGNkfiA9xZu6MQPiX7FCsdHrfDkYVR8cqdHVlt2JZS26euU3vV0wKan9n-rpEmWv7RjvgDJQqt7-9HTNQ8iMF-R9jC0Vc9JUCASw8Qa6o5ECNObRbnvEwsCc4myyuJLH7eQ7K8aIFdHGRwEcbfdDqtsDzEgRVqmGBvm6lMQhiXTGxrgmArI7VA38rasAqxdJzlcP7nxuj7dgsBSTgTAsHcM81nBMRnaT301G8ozVMdaWugVbKGqFeuBxGGWGcxTmGl68X4xqgmEkBV1w1N4skELWjwLz6z75Vi5ME4eRxSeWKlClI1jlQQrCA045DF3Sf-K9C2VzDMOA0bbWF7pwTvaV5WmFUJf7eoQ00NfgZIyyB-X9fL3VV-1ZlztB0Qpw3mFV-O2boUg35Ew0lT5tKzqqoWL3OJGc_NO0ATNEqLRygVHzgikKIskr8YzPTByWtliD8PghNk_zSr2a4CbIGWhHwlnTw9Uk3jJWYD7_5g_F0OYgnuS9RMZZZviwV4FKlBmvgPcYNiO1ZSMbUKCqkY3M3_X4rIsSCLJZNR1tBqwsULvYGim6lB0qk-0y9lIxkIJIEZDRQX36XQwGCRG2NJt-z7l9qavv6_5SRrRjlT8hAuCb_MS7ML-_c-xsDYpCWGxPz_0hPeAUngH_E8pqVU9z6uNfo_L-P5RtuVJKeOAVCHevyrDOncXmCe6Fjvr4iNa2Hv50_3eVJM_iW-ARUbDQIa86MeuqgBCmF6d6uJwLhXv1KWmcRkpKMVbQbMXNAaUUsDDxAI-7QyzHGNyYL5-yv87TTL7zpAUCgIsCRXQODJEzyBLnJFHE7au2qniwME555ESFS9WU_ScE8QsBQTEi5fRhBtIs72BIFWj9hoEMwTA8Pk8fqwNaKnFmG1-vYjxcbcDGQEAOGx2OPrMN0qVARGh2yZiCgQ8aK1vvdwr-yZp1e0ALTcziMbGtZommgcQbbZVpcMDm9-mz0ZqOUZsSSoe87l3vE5kKlmAw0XP1JuEEhnPphwqg_n5NPN-4kdo6XcDRgAwcyvI7Q9qgFz6voWkZJLRY1gJ4RlO1RnH8zHrEsp00-It7Fqtb-CPCJ38ZKpWf4-HrcPl23Q4XfKtDyhnXBbUw3GRYVAk7VVs1dvmfUvAjDqE1C8UjU0f8TLIuDUH2AESNejB8aS8WoPlECLWcoJAyB0Vwc32e1xhkkKRLURKxG0FIcEhoEjC_7QtG54HtD9KP013uoAoY-sM7AQnJ5O5GwUIIDvU1dPfOr8I0Wp09k6gLd-cHqeUnEUaE3GdnoCp77gnMn4vxaoGBCS-mann96IcIaJ86TwrXxyd8FDFWBdkOLxhkKp_JXLGeJmlyx7-RHoiicF9I08QaaCySZ6vFPBlgCLYz5rsh5lH_HFTM0whDEM0Xu96dtuY0K658AcJ5g1Xhi-T8a-YTWWsqBB9QvpoXPm7NEOQML9slJ1uteIrDgH1VDwt9RFzU3M7hGXtZ0qU1a1ZFMKETlgESonXO9edie0s749VjHdgmOYN4RHRioQLk5SKoiuIu_Xdgf61f-hvuvVW-luew4XlqefQa5PrVrZv33hsItonySPhk3ECHa0kTEQ8e0M_TUfIIj602J6heT65gZ2i-5mMtkLNund0KkYyUkMovALXfJnyTg3jvbdPJe49NqcGVRT3QE-iEGkXK26KZ4zEqRbvI7N9XCU4QPSRE-iWqxhezpEKNzpx22u38IF_99hGvcjzRyTEyBfKMFuYEJwsMqcv8Yu6RfzVvNMyssVYQj_UPc9KpAQos9CEX3MbPZ6nPNteFNjCFiyPlyRl44zT-AbclwqPq8yLLeXCMxcFQwnm1hyV_Fh8fXJfqJXBoW-aNC1Tn2OiO9OwJyQVyCL9JRs18047Tv1pocE0MiAL3erGXjrwS_jwy6AluIa5LhGnS2HCuVugyUOTvPs8UEMGLdx4FlOpca8IayxywPNmwvteU1y08R2TsbWQj_7magYL3HjBssAP5vk8F9tC1b-ldt3cNn1iPYzCsnt-zc8bYmVnUiydfB1dV_4_NFUPYGMq8hncNeFt2yPL-_YDHvfcgrPJe7RfgfAQToZt-lJUFKkyBUrfDM9s3nE6w4DLwQ4EXERBkxFAv96jw3lukJSWalwCaIfNsUN3d3vLZUIL_ZPdQtfngzO-_uv_YvI3sh3fmv1IMeXlSU8oeIh6JSiS&cid=CAQSTADICaaNFouR-KNGFnIah-F3QJf5gstLv2cEcT0lSw9prJqtEuRCxcoGmx5Hg7y9e1ysVvEU8iT_N7SADReZ5T_fDgZxFyTxiPXctpEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fapp.tweakdoor.com%2F&ds=l&xdt=1&iif=1&cor=8092193803626571000&adk=929882891&idt=130&cac=0&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H/1.1 200
OK dvbs_src_internal122.js Show response
cdn.doubleverify.com/ Frame 9A5F 60 KB
20 KB 25ms
25ms Script
application/javascript 2a02:26f0:480:15::213:7e52
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=4172027&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0i4OGzC22M13cbfqMrqLNGO&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15170489244&DVP_DBM_4=396484704&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=762280502321&turl=https://app.tweakdoor.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:15::213:7e52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:59:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 09:51:46 GMT
Server: UploadServer
ETag: "676309fe6e3823d28d9b38e6462bb025"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19669
Expires: Sun, 20 Oct 2024 17:59:05 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9CD7 2 KB
1 KB 51ms
45ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTQRaAAIhoEGrS4WAAoL3zOyc6h4SCIeR87j-g&u=%7CSHWe8o%2B3t3l3QDaEFyO5wcmYArc3lK33J55%2FU7TsKV0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_21K1c8ivcDFV7V8__Or_Hq7YrUcrGQm3G8VawK9pcMFJRfkwX4Dbg4gky-g1kXhABx2X4aXEhK1x2-QOGzkaIwAI09ujDGP-mOFZURJEHv9X4QIQnJq23vcLOPs9fJB65B9zSuynUxffOheoYxcdjULKRPAL8mWgaD9yczNo7BxIKg3jd-jCZ3MFLbH3qYl3oqNqISDY0xc9EE-8HZ3mnrFoWyL2tiNZsoXIQibMVJK8NKvV9vCeI5g7RbubnyBbE4oofCE_qvl8OKDReFyMAXezhAILV3_7D1XXDJv3uAIaUBLSeVt5-HFJ34j-CO6F9c8OZsP_Bsns8NNFJToyHN7Qbs9MKi-TuxU9cJhhYgagpCPu1vdlKTSq2iae4giVJWWlaNjXimBW8N38h9900TJl0IbRzd_FKAFoB9U1Yv4BcE_4d4GN09M7XkA6q51yd4EoJv_823UL8sHcERjBVatlAG0cf5WMo38OpXjNvZmL3f_gFRwtQ973MflaolwO34Hpki6AoCXE3pT1mOeyH-hHvn87f5oOhimzP2LdW7eQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvhJCaBE0ZYGNIpbctOUP35eo4AHJntKxXPXalvdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTQ0MjAzMzI2MzYwNTg1MzDIAQmpAtCPQEo8xrE-qAMByAMCqgTJAU_Q4h-qhSqEQCVB7H8IVQXc66BZ5IQZdZAeK5Z1N6PqA4RvZVGlvRKKj1Rc4B3UkESd7Uh0vr_n5Yd761VWfCi6F8Pyi5b8jaxB2bkMatk-BIS-Z-K3dn-SGZJOCp8uaRkZYXfnPWE-ONH3pbX4pZc77yLz-cfDRtexdYrRAC3C28-rgezV5Q5UB9Trr2raXQgTUG-M6HGrxBxvRP1f2bS-yGhksYCj23ipw8q9e5Ca8YW345029K8iDgRl8_w3Z2hnBhdJXg8WaoAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_36lBHBhl-pHRHt3Hs2g0jBSC_cLg%26client%3Dca-pub-4420332636058530%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9CD7 2 KB
1 KB 50ms
44ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9CD7 308 B
636 B 38ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9CD7 293 B
621 B 38ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9CD7 43 B
347 B 31ms
31ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vUuAm96CE6D-1zVCyUDLT1rTLHQRxj3mCC9c0uXSElTcAaxjpP8o_awVvHwedt0yFUuFy85eLj_yKXecn1Qt0dtGID2GiaGrYi94I6yiY-7SsiQ1TZfVhcNyQFEAzDnqlMOlYSwO4t-Q9IkxISusZv_uDv8qGlqisEUplG3ENf_mVpTqzPHKV7oGoSJ52gB9-sKKxcUrFS5P__eTAULypfsMBEEpVL7BGYhYhwOWW6ljc49Gw4csiqhIGHswUBKbmzs-_JdkjrfVYCi_IwIjWaY2XEaRRtXl_xdws1COfQP-qi_9doCgKY98yN5-qY3sXT0gsdIx8n_aawls5KZ32ZFNFzeiNoTZ9STuck3iJ1XvwSeQ47U22YgGgyoJHnhUioO4MK5DGca3iY42Gqjv6sB02XTmpB4lP5duTmf77CEEQXjZ4beVBwjquiQBEPxYN3ShKA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1454834
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 473C 0
45 B 522ms
145ms Ping
image/gif 2607:f8b0:4003:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lo0cggdx&c=3998172496466&slotId=1999086248233&qqid=CLmshfXbh4IDFUkVrQYd1iMOAQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c13::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 473C 15 KB
16 KB 80ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:37:30 GMT
x-content-type-options: nosniff
age: 224495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 03:37:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 473C 15 KB
15 KB 80ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 179174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 16:12:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 473C 0
20 B 170ms
170ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CichnaBE0ZbnYIMmqtOUP1se4CMTlwOhwpbbs6qkRj8i-wM88EAEg_fzbKGCVgoCAmAegAYLk69ApyAEFqAMByAObBKoE9gFP0Np2tRA_IM67QiYVdgnRCmxQU_7ogmG5r4or7k1JIBw3duylCI7FRPfVxRtf29RVG_xK4oS4dAAxwcCkdlbKrTA8_cT_XlUvMs04Iu0SOftWZnsQRMkUnS1K67YVqsDSYTxFHNUqq_EFe78c_F1U0LiQP_hnWxeU9aMOmxC0YnB8F06Zdi0YVQg9I5gZfDJV8k3IvCQXCejSNkvwnQRyF4npB2Avo3VHX4iVrDhkXeaxUjDw5mXwHILfz4n-yjdwxp9tFDyck5kQU9k6IhHkcR3qL8ZZti8JMO_Rq02lvYqA3oIfpQN9lqxtio0-VXnNdgk_XHvABPnVl4arBOAEA4gFx8K3okuQBgGgBnmAB4KcvLAEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATvYGTFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1697911145299&ai=CichnaBE0ZbnYIMmqtOUP1se4CMTlwOhwpbbs6qkRj8i-wM88EAEg_fzbKGCVgoCAmAegAYLk69ApyAEFqAMByAObBKoE9gFP0Np2tRA_IM67QiYVdgnRCmxQU_7ogmG5r4or7k1JIBw3duylCI7FRPfVxRtf29RVG_xK4oS4dAAxwcCkdlbKrTA8_cT_XlUvMs04Iu0SOftWZnsQRMkUnS1K67YVqsDSYTxFHNUqq_EFe78c_F1U0LiQP_hnWxeU9aMOmxC0YnB8F06Zdi0YVQg9I5gZfDJV8k3IvCQXCejSNkvwnQRyF4npB2Avo3VHX4iVrDhkXeaxUjDw5mXwHILfz4n-yjdwxp9tFDyck5kQU9k6IhHkcR3qL8ZZti8JMO_Rq02lvYqA3oIfpQN9lqxtio0-VXnNdgk_XHvABPnVl4arBOAEA4gFx8K3okuQBgGgBnmAB4KcvLAEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATvYGTFdATANgTDYgUAdgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 473C 0
234 B 495ms
144ms Ping
image/gif 2607:f8b0:4003:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lo0cgggl&c=3998172496466&slotId=1999086248233&qqid=CLmshfXbh4IDFUkVrQYd1iMOAQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.op&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c13::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 473C 24 KB
16 KB 138ms
61ms XHR
text/xml 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B_DTnbqDNPdbBzHT_a7AMzq9dYybeOjSa3OuF_KqPfhSQ4COAM93V2VwHxZZsbhfioPbYiBb3OLQoF9TDfakRDVkyRfg&cry=1&dbm_d=AKAmf-AIbSWO2tMI5-mf1Yh5kPgAJpi89wLOGEL_69dSdlvTuDal_Fvje_P4teFq16lD6td8N8LiT9v24kovek-nQPUVCUnC2Uc7I_IMTZu3dgNVnfS2pze7Q0YfKf8SdJk0Moa-8_f76BFUDjRV7-pa80i_KyrtF5LQ2KDytPZAroQmHaAIa-AqAEg72lKU0gJ1GMG2RQMSNoFI7vaeoB0ggW1nMLzkhDPkSQX0wCJwW_V0gaysAJkYy1UvtLT_2tkursemLMD2Ka6HrkTxO7U5xk0CbqZL-BBQEZOF-6tbA1w9ebU-hmQrKradxGiTJyUEUjyolauZ2cCYHmDwPkOtRrloT8fpcjKDFUFmeNtlk77wMh49jcoby7NuXHgJRVzy5DBwQf36_4VWZjqA4a3cyL2V9btJzE7W6N1kOoC8CsxPfG7sDaWEmjdK3WUB_4UOZ-MMIafRYIKQFuC0nLO_n1Xcjh1cvCzl7oZ7BgTSPEMaknHmSzOegYpbnx9WFPr1PXNMfhxmcqF4qliVIpmPXkniS73zq25Lr492Y2AGx5SoFfNDdIAs2DebS7wkcK9TD-Qfi5fSXpskrsEQ66Hxg3xVsaG_aSAtlMUzzeCMX1GKJAc60BSkni8g5WpYRbU-Z0axdmnbjrl8d_7sDvPZ0Xgevm3HSbqOyRAWRj-1hytW_xoRDYuKZNxfkCPWFDQqPkvOoxJLQ4_lWrgjXkRJTDurpzTjo69byytq1ZHsDNsNLuokIIPRJ7Bw2iQHFsbrctZHquliQtX6DBi1otsRSKWfo-3G0-fNAk5Gc-GJeX7ipkjGvRNqcXSa-FsmC_fxNZjmH7K7l8WvTK79CaXNgRhi0Eenx0i2huCHmsUPMh5WcHjr5UMq42sSIM_fjfz5G7xOyzKM2u32naB4ZXufvI2LOZ90hA7O7YR706An5NLNdPU2YmdAU9imL5iAGsTFDnDTyblcLYlesqVar1Ietnh7-MIi2NAEfCOsUEUvWw5o9sN-MWyZTMYsoV1nmw8JfK-5zeCgElljTltR23WveAg0v0e7Na5oOv201TgKr3GPniB0OryDywq17MTU4mPtUJywHmpQb-SE3q0q6NForcGSqfo83N9bZxMeDwvbTf6-gSwLIrZVNqTphn5aC8CgtK0ZHic039Jl66cXMoWz4Du5oPzpygRSkz_68IEV8J1cKpKL05JVhu7OqUcg-u1sWhvTDuT1ro85XduNw6JXOvON7-Mc035LlBEO06ddtI8Cg2joLXd8gjxg7ru5FmeoHV8NU8C8Kkwstqsu7q6v3Is1Fsjph12zjS9-PdL-rPBiqgEa4DyfKkwwQY-9k7jniMG8MoP0dpbjJrJnRBXfK5KMAt8qHYFOoI_akwLQs_hlqRv7JELcZS3en0dtu6cxpbZVp8njLq4hUJ_UWCgQnvvAZ-DyxMNtPVyMMxY57KQjCCO9J6_QqdsTBBe_5SmYiQy3HyMrQBDod7udnsPnQmz2ufNEw7gk-xvDiFzEhyHJ0V8Q5GbxbmIvjwgaTORA02JIfVbnsQd3MUfGs_dt4ofZir5hKvq62vp5EIdjw9N83UTBeOVPBkmjnQpL-uE0IiBFbicLV9dDHYYl0XMpzet5hmZOUl8kktNzx9VFVvex3w6lxtEAoKay0tQpfqUMKXpyndgsDkMPNvT9AmD519smR1KHSPHAitFpczp7irdmWUzCjdmN0AX7ekwgtH-XqHjYuUHs3hPFCjZDjQFHtwPA6mPS9TtcaYrbRDDRYY7kQqWdZnA_1aiexVZ5U81LWoUzuHXdWSHvf8OLfnH50n9fvj7iMEZHd6b9bvPhZocZUiSAGwUIMsUpbxxZMLYcBW-T3j-qnG7r5t2TXY_zeMQoR_orO5Lo8IgP2b_uzs4yoRgWp6N9U96mYu5x3nIuB2bTlsZAKp05f77657fJqrNxdHjk5WA0Ij8XuMRK7rJ0G9R2R7YsMngHyyF1JB7D3OcmeSmDoZJG8CyK9_vv8EUEGb4t9IfaX81c5EnfPErkNJvdUh6OsCBsRCrWFDpJmdp29IsKvvEMEO2pRIf2uz-ruZaU11C_TAQ9nEaLp7U-UcVAOrDnDqxt9BgmdlfrG-5kPIt4d3WgTsEBlVn0utWQPOSTOIsgE3BPHx5TuB9tV5oS-zHY-DscHmJfVey3ijVFvdWqaPxj3T5MMsxdCd433Fp25QE-rmuBWxpPR13M6iAJagWGgw_9d0tqlqcIDT60z--2Dd7ItTzVzwYnsewL-VQMr4Gdo81BImlmieriaOCmTHWQyiWy1aNkStnStx8lu2HhvFPcYiWR_-95yz6yGASCM7khltmgZ4JTLYVNidPSNOHLD-rEDHm0aZD6fT8zkA2qdIuo2OE8GgtoRNymFmyUWmXgIvxwOBGP_bkyNdUqEri3EEQItipolxdKYGISXq4dHUIOip2wM9MDFHRohXt0Q_rF9_CAeBzQgzj38bMr0E7Stcw7fOd9u6PeF5r2T3zHZuAiyonMJUNBM0jNqrKUrUJVZiKPa3v_IF_W4AE2C2hYtRKm1Olopt9zxn8LbfoMqrwd32a30PMDG9afvjuPmKNOHhKvh8gFXAnGeHeGe4WqSuFPi791lV8l4uFXOl2JbgBeXfa255ZA4WQW6rvDKWnEhDzhwpq1e7ojvfLOtEGA_Zeo0MbGDi0VFiv9XSY4nXrBS8Z8AReFpUrTtqBU9_dcF5bZK0qJ8Ms-ehL1NFY26kb58vV7A3ysD4igoUhK1cMZYT2ylqoYa_v2ZCHxY_e1TlLTG1eJbFehNA7-7r6-8lFzsXPyjRHfqeZRekPNbGL_OV8YLnwgSUYSwXrnfaiy3mzZoQJjVIp24Vn4MVTDPc-KS1ALMhVT28Sxpn2W9aoxPeCjb4fHF_p6hBWy-hSdfRa6hehXFbry6biYJDoGAqcLeF7hK-_45beoYXqQkmEWuG7FEc3HKYtC2PPl7USOnGTLdYCQSnSMCZ153lYhj7glmIB4tLAjAGO4ZCLHOAMvmNBnPPAc68yPl7gHEoHSzRUAkJ11YItULz3Q6CJm7tjUj4FQ2Mrr_hS3ZDQU6QR5sihrUL0zM9sdyEppoCdNATz7maThiojpvgedQccRVP-HESoZpfMwKMUWGBA4z1UjcqDd9Cfism63877fajHqqnNpsTHnHwJrZvDQLDKY3m_tpEY4iYd-n4k5LgIWOjQ9VIraBVYflyZGod-55udZCRxB8JF08tBQEQ-07n4sK4j-JBDAiujwRTlyKCGePI_9HHwmZOi020ye4aFYbCtE6ZXSfrHtpHG6LhxmpYgmS2vrLw_-wOdZt4eE91jL3Q2Nq5fqTgDpPNXDnPcoomA367kDmKFrLj6-2tMmv2vFCg26rROgXjwwCOcsTOKixwWfeqAqnHAN3jp47ZK1Urz1V9zoQ9koEEkedquc9AFTqVegcgaYVBNS2qpvAarh&cid=CAQSSwDICaaN0S0-pseKODxwVF6aRNA4sgwX_rC4Cnzx6pN-l_vyUymmUiKspfeQi_D1YW6VU0S84xXrM3eXOTHRgVC3F2ugon7HMgZpdxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

cafe /

Resource Hash

1ea09c52721547f05b07c5929fbf4d4ceec86d16d29bbc95b6ee2ae7650ad5b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16346
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6776 54 KB
54 KB 253ms
150ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=528&rid=4&s=ivw_bvHA_3V0TvjH4yeRBukD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55005
expires: Thu, 03 Oct 2024 11:24:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6776 19 KB
19 KB 313ms
211ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F2200_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=y1FfLT3OIoFUY9BG1dQvcb57&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67ae5cb9a4c423af33efb21376c45272784c5c6cb0327b5aff4916f80e059bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 19566
expires: Sun, 05 Nov 2023 04:46:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6776 0
128 B 138ms
38ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=WXDM_azgpAMQvBrGKlDjK6y6YzwqBZsfSFpJ83aTd4m8easvwoExfZcOpBOWQWixvuFtuPC3n0j44k-oSe5ztsM7SpehKfGPTfLKa7PmJY3lq4Ht5Fa4MzzAF17HHMGNobYziyXfZiXHTF5Tn5mj_a_rGxIrMsD4ISzmnOTS4Tv8GHCbxxIzEJ4GzvmQAJnCN_xtpmbdEcO6HBZRkDvOeyNO2LFnvc-_7mKlfhSVe_zDsmt4N7SD30qEy6Ie0XgGlHMArg&sds=2&rev=88955&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 21 Oct 2023 17:59:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6776 2 KB
1 KB 39ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6776 2 KB
1 KB 39ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H3 200 routes.js Show response
app.tweakdoor.com/x/js/ 4 KB
885 B 164ms
164ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/js/routes.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

20728ee8e0953a69f5b457ac7d724175795e0d51cddca219c2a7b1e5eefe5b59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "10b1-651e6b0c-893ff040f4aaf9c1;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 786
expires: Sat, 28 Oct 2023 17:59:05 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9CD7 12 KB
6 KB 54ms
52ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
DATA 200
OK truncated
/ Frame 473C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 888d18a117ac4677fc84ae440875bbdec7dd01af41b590ac2a7a530ef1b1d039

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9CD7 54 KB
54 KB 98ms
91ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55005
expires: Thu, 03 Oct 2024 11:24:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9CD7 127 KB
128 KB 168ms
161ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7227_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=6nNXPNxNLTuL-PGui_SvIGtY&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eaff8ecfb5fb03793c7c89eadc4990cef916b28a6309be20506848140d198256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 130250
expires: Sat, 04 Nov 2023 22:38:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 9CD7 15 KB
16 KB 54ms
46ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F7226_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=JwqW54MK2JMeBs6Bx0rccvD4&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de95ae2b1b92a67becf3bafc1f29322012e04fdf7521bc300c186dca26dd61ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15780
expires: Sun, 05 Nov 2023 05:10:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9CD7 0
127 B 46ms
39ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=-_XsaqzgpAMQvBrGIDB6ZOJmEnuXcJF9t6XRS8cUuWtPjQLg3aP7xGEp9P7cpW4fY4jy-xpp2f_kfiCCFxnuZHqcvnx75ff6yBAmMNn5uzw6aCgmR_P_pFW8cpQPQLKcXAQZvkwaKQJJLkHIzlpwnnFwDWsVVMgym-kt3T-FneG_VtpyJ3ys9BnehbnYLrBvWTrEIaxhE0K6mnEZLsnxYPpxc_3fImqX7yw8C9yjtv8ENv2d09qNGzp0Lem7Z66OvKu54A&sds=2&rev=88955&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 21 Oct 2023 17:59:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9CD7 2 KB
1 KB 41ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9CD7 2 KB
1 KB 42ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Oct 2024 17:59:05 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame AB04 38 KB
13 KB 24ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 219256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6589 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14519
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 473C 0
54 B 334ms
144ms Ping
image/gif 2607:f8b0:4003:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lo0cgghb&c=3998172496466&slotId=1999086248233&qqid=CLmshfXbh4IDFUkVrQYd1iMOAQ&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c13::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
vast.doubleverify.com/v3/ Frame 473C 17 KB
4 KB 309ms
120ms XHR
text/xml 104.18.36.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.doubleverify.com/v3/vast?_media=3&ctx=1828362&cmp=189093&sid=18330&plc=6688641&adsrv=29&blk=1&aubndl=&turl=https://app.tweakdoor.com/&auxch=1&pltfrm=1&ausite=762280502321&autt=4&ppid=103&prr=1&auevent=ABAjH0ijrwJC4xcoCFNBraodrew0&c1=3060631&auorder=1012742112&aulitem=20204872007&aucrtv=495654974&aufilter1=3060631&audeal=&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F8%2F189093%3B6688641%3B208%3Bxml%3BDV360%3BDV360FY23StockBEHCustomIntentDEDSKVID1920x1080%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%7Bs1%7D%26us_privacy%3D%7Bs2%7D%26pbMethods%3D%7Bs3%7D%7C%7Bs4%7D%7C%7Bs5%7D%26cachebuster%3D%7Bs6%7D&_s1=&_s2=${US_PRIVACY}&_s3=[PLAYBACKMETHODS]&_s4=[CONTINUOUSPLAY]&_s5=[TIMESINCEINTERACTION]&_s6=[CACHEBUSTER]&_api=7&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c82bdde12324017de6f575eb0c64a7b4cd00d1a6361070625ad6f610c1e976ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: br
server: cloudflare
vary: origin, Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: https://vpaid.doubleverify.com
link: <https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://cdn.doubleverify.com>; rel=preconnect, <https://servedby.flashtalking.com>; rel=preconnect, <https://d9.flashtalking.com>; rel=preconnect, <https://tpsc-video-eu.doubleverify.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect, <https://ad-events.flashtalking.com>; rel=preconnect, <https://rtb0.doubleverify.com>; rel=preconnect, <https://tps.doubleverify.com>; rel=preconnect
alt-svc: h3=":443"; ma=86400
cf-ray: 819b64748f390410-FRA

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 9A5F 1 KB
925 B 230ms
44ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_992839412834&jsTagObjCallback=__tagObject_callback_992839412834&num=6&ctx=1828362&cmp=115750&plc=4172027&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=992839412834&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.60&dvpx_strhd=0.60&brid=3&brver=118&bridua=3&dup=null&turl=https://app.tweakdoor.com/&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0i4OGzC22M13cbfqMrqLNGO&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15170489244&DVP_DBM_4=396484704&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=762280502321&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTau2AA%5DEH62%3C5%40%40C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2AA%5DEH62%3C5%40%40C%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=17.60&callbackName=__verify_callback_992839412834
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5dcd435de3688ec34fb07d5b56e6ea418de0fa72c2157a46c367cc727813c90e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Oct 2023 17:59:05 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/20/2023 17:59:05

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 473C 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLG7RaBE0ZbnYIMmqtOUP1se4CMTlwOhwpbbs6qkRj8i-wM88EAEg_fzbKGCVgoCAmAegAYLk69ApyAEFqAMBqgTzAU_Q2na1ED8gzrtCJhV2CdEKbFBT_uiCYbmviivuTUkgHDd27KUIjsVE99XFG1_b1FUb_ErihLh0ADHBwKR2VsqtMDz9xP9eVS8yzTgi7RI5-1ZmexBEyRSdLUrrthWqwNJhPEUc1Sqr8QV7vxz8XVTQuJA_-GdbF5T1ow6bELRicHwXTpl2LRhVCD0jmBl8MlXyTci8JBcJ6NI2S_CdBHIXiekHYC-jdUdfiJWsOGRd5rFSMKjn_wWPEJhdEmQZCPsV7KnJN1hO2bP6z5yjkOhZFMM3WNoHOa-7Z_-FVXBeT4safcGOL2UPAqa1Bhjs5trp9MAE-dWXhqsE4AQDiAXHwreiS5IFBggDEAEYAZIFBggbEAEYAZIFCwgiEAMYAUjXsPsBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAeCnLywBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEOyYGBi-sKzsAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAwqCgoI5LSxAu61sQKwE72BkxXIE-Dv9OID0BMA2BMNiBQB2BQB0BUBgBcBshccChoIABIUcHViLTQ0MjAzMzI2MzYwNTg1MzAYAA&sigh=rxA0pNpsVeA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaN0S0-pseKODxwVF6aRNA4sgwX_rC4Cnzx6pN-l_vyUymmUiKspfeQi_D1YW6VU0S84xXrM3eXOTHRgVC3F2ugon7HMgZpdxgB&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=925113182&adf=189457609&pi=t.ma~as.2168616157&w=728&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=728x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144422&bpp=7&bdt=1174&idt=7&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Rcwr77aTq1&p=https%3A//app.tweakdoor.com&dtd=10
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 21 Oct 2023 17:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 app.js Show response
app.tweakdoor.com/x/js/ 2 KB
694 B 163ms
162ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/js/app.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

85b3b56eea731ee33b4eb32ff55870e06268982bcc904df35ebeab517a13ed97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "64d-651e6b0c-adedd5aa14195ab3;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 642
expires: Sat, 28 Oct 2023 17:59:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6BBE 0
19 B 69ms
68ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0v20aBE0ZbfuIrKXtOUPoOygmAjJntKxXI3w4taTAcCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi00NDIwMzMyNjM2MDU4NTMwyAEJqQLQj0BKPMaxPqgDAcgDAqoEzAFP0DHfMzatUXWEWS4_LUpbSAtGJUr8FgUFeS21qsaQZe4WiSEVm-uKv6lwxoeMW7sRkF7TnkLQ1gXZaLH6ol0Tk48YBNWhaeXomXOBii4Wk0b1TcWxpTA74ud0QhwUTej7XxDVp5_2w2fjkoaykbIl1pcr3xVKpE5bk5et1W2B3EDuXa94VmCr1GA9oLmJHFlyW31XPQ0N9PA0BgsuoFccSWmBO7sfVUCbbtROANQf6hIeNXPWd-azJFYgQq8YA8N-wtAlWRnK68uqwuyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NDIwMzMyNjM2MDU4NTMwGAA&sigh=d3kq_8ItL1s&uach_m=[UACH]&cid=CAQSSwDICaaNZ6DVBI0egMrGAk9fxjl_eY5AmuKCTLf5u4dXSpFjabSTHX0OHuoJPjiH5-puWtlN56dww-TEW74nUqvrXHf6HwFP309nFxgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=3967338117&adf=2136182353&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144457&bpp=3&bdt=1209&idt=3&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9OCzdAVM5J&p=https%3A//app.tweakdoor.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=3967338117&adf=2136182353&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144457&bpp=3&bdt=1209&idt=3&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9OCzdAVM5J&p=https%3A//app.tweakdoor.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 21 Oct 2023 17:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 6BBE 0
126 B 205ms
39ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMz6RLAJmAKdg2ICAgAAAEAJ-ICAbtB3EGgRNGVyZj2T3dftIengAAASAAAKCkFRVUREd0VCRHc&wp=ZTQRaAAItzcGrQuyAAg2INLsyHwDhBIJSL8TrA&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=3967338117&adf=2136182353&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144457&bpp=3&bdt=1209&idt=3&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=1337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=9OCzdAVM5J&p=https%3A//app.tweakdoor.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 186048
server: Kestrel
content-length: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9A5F 24 KB
10 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9959
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:24:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 21 Oct 2023 18:05:26 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 473C 0
54 B 144ms
143ms Ping
image/gif 2607:f8b0:4003:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lo0cggls&c=3998172496466&slotId=1999086248233&qqid=CLmshfXbh4IDFUkVrQYd1iMOAQ&fb=outstream-lima&vmfc=7&vhc=0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=FTPrivacy&icdi=16x16&ccc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c13::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 473C 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Oct 2024 22:32:49 GMT

GET
H/1.1 200
OK consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame 473C 7 KB
7 KB 210ms
71ms Image
image/png 2.18.96.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.37 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-37.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:59:06 GMT
Last-Modified: Thu, 06 May 2021 18:54:24 GMT
Server: Flashtalking (AKA)
ETag: W/"ea9218504eec09a337676178d9020356"
Content-Type: image/png
X-Varnish: 257214694 257303549
Cache-Control: max-age=808
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7281
Expires: Sat, 21 Oct 2023 18:12:34 GMT

GET
H3 200 page.js Show response
app.tweakdoor.com/x/js/ 26 KB
6 KB 162ms
162ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/js/page.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b60ba7424d5a53684d0acee8fb78518c1231bd3e274c69ce8f3fa21ae1f3f7cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:05 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "67c9-651e6b0c-719c0e4659fca45b;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 5903
expires: Sat, 28 Oct 2023 17:59:05 GMT

GET
H3 200 bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js Show response
pagead2.googlesyndication.com/bg/ Frame AB04 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14519
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 473C 0
54 B 143ms
143ms Ping
image/gif 2607:f8b0:4003:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lo0cggvm&c=3998172496466&slotId=1999086248233&qqid=CLmshfXbh4IDFUkVrQYd1iMOAQ&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&hcn=0&met.4=arp_a_e.139~atrd.148~videopreviewvisible.16m&ua_e=1&umsem=0&ape=1&ple=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c13::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content FY22Q4_Stock_Stock_Stock_DE_DE_WorldOfStockLight15s_VID_1920_1080_25000_3000.mp4
cdn.flashtalking.com/165457/ Frame 473C 44 MB
44 MB 159ms
44ms Media
video/mp4 2.18.96.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/165457/FY22Q4_Stock_Stock_Stock_DE_DE_WorldOfStockLight15s_VID_1920_1080_25000_3000.mp4
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.37 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-37.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 21 Oct 2023 17:59:06 GMT
Last-Modified: Thu, 31 Aug 2023 17:38:11 GMT
Server: Flashtalking (AKA)
ETag: "cd34ade41db78549295eafa015a50ab8"
Content-Type: video/mp4
X-Varnish: 273727114
Content-Range: bytes 0-46615662/46615663
Cache-Control: max-age=30
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46615663
Expires: Sat, 21 Oct 2023 17:59:36 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 473C 0
54 B 146ms
145ms Ping
image/gif 2607:f8b0:4003:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lo0cggz3&c=3998172496466&slotId=1999086248233&qqid=CLmshfXbh4IDFUkVrQYd1iMOAQ&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fvast.doubleverify.com%252Fv3%252Fvast%253F_media%253D3%2526ctx%253D1828362%2526cmp%253D189093%2526sid%253D18330%2526plc%253D6688641%2526adsrv%253D29%2526blk%253D1%2526aubndl%253D%2526turl%253Dhttps%253A%252F%252Fapp.tweakdoor.com%252F%2526auxch%253D1%2526pltfrm%253D1%2526ausite%253D762280502321%2526autt%253D4%2526ppid%253D103%2526prr%253D1%2526auevent%253DABAjH0ijrwJC4xcoCFNBraodrew0%2526c1%253D3060631%2526auorder%253D1012742112%2526aulitem%253D20204872007%2526aucrtv%253D495654974%2526aufilter1%253D3060631%2526audeal%253D%2526_vast%253Dhttps%25253A%25252F%25252Fservedby.flashtalking.com%25252Fimp%25252F8%25252F189093%25253B6688641%25253B208%25253Bxml%25253BDV360%25253BDV360FY23StockBEHCustomIntentDEDSKVID1920x1080%25252F%25253Fgdpr%25253D%252524%25257BGDPR%25257D%252526gdpr_consent%25253D%25257Bs1%25257D%252526us_privacy%25253D%25257Bs2%25257D%252526pbMethods%25253D%25257Bs3%25257D%25257C%25257Bs4%25257D%25257C%25257Bs5%25257D%252526cachebuster%25253D%25257Bs6%25257D%2526_s1%253D%2526_s2%253D%2524%257BUS_PRIVACY%257D%2526_s3%253D%255BPLAYBACKMETHODS%255D%2526_s4%253D%255BCONTINUOUSPLAY%255D%2526_s5%253D%255BTIMESINCEINTERACTION%255D%2526_s6%253D%255BCACHEBUSTER%255D%2526_api%253D7%2526_ssm%253D%255BSERVERSIDE%255D%2526_tsm%253D%255BTIMESTAMP%255D%2526gdpr%253D%2526gdpr_consent%253D%2526_abm%253D%255BAPPBUNDLE%255D%2526_pum%253D%255BPAGEURL%255D&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c13::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v97.js Show response
www.googletagservices.com/dcm/ Frame 9A5F 57 KB
23 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v97.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23166
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 13:28:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 18:19:14 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame D1FB 23 KB
8 KB 23ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 476412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 05:38:54 GMT
expires: Tue, 15 Oct 2024 05:38:54 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C03 42 B
63 B 168ms
166ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B90qk8Rg1mCaYaksIr0pxKtffMwDeo2awokb1GcqnU9qzz4L2XP0jF8QYA6SLRMNdKt_UoD9oespwwkvgv4TdaBV0fFZqCJcbF-WZToyMmR1A-At8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C03 0
20 B 169ms
168ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15604649558678325285&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7C03 89 KB
31 KB 147ms
146ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7C03 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 13:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 13:29:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7C03 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C03 187 KB
59 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:06 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 213F 624 B
245 B 69ms
68ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGITyr-kBMAE&v=APEucNVVFjY5aRpp_D9Zh_p1m-Ybwnah1MesirhugmMPEdwUFpdiP5gRV4Gj7t5nVNT2XeV5P3JJFfp-FtZAfTFzzNX4INncX4C4y3wIg9iuJMzxQQ79_RggDykI8kAxWpecYkPDmmauOjJN-GMnkO1cby60pq_S0QU99o5ZixC-ta8EHDM2pe8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:06 GMT
expires: Sat, 21 Oct 2023 17:59:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B9689862.280630144;dc_ver=97.287;sz=728x90;u_sd=1;dc_adk=3424353018;ord=n2ongy;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fapp.tweakdoor.com%2F$0;xdt=1;crlt=GbXxTO9... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 9A5F 66 KB
30 KB 132ms
59ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;sz=728x90;u_sd=1;dc_adk=3424353018;ord=n2ongy;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fapp.tweakdoor.com%2F$0;xdt=1;crlt=GbXxTO9h(!;stc=1;chaa=1;sttr=121;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v97.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

1431fbd8664b1cd350cf989499340ecfcb9f5b3e47b2dff77199a35690dcc258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30308
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 code.js Show response
app.tweakdoor.com/x/js/ 833 B
368 B 178ms
178ms Script
application/x-javascript 2a02:4780:b:653:0:31a8:9fcf:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://app.tweakdoor.com/x/js/code.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:653:0:31a8:9fcf:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

49309cd3accabc25ea196fe4466a8ae9de22e8e46ce56d64070cca31dc2f2802

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:06 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 05 Oct 2023 07:51:40 GMT
server: LiteSpeed
etag: "341-651e6b0c-a76f8f4cf72ab264;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 270
expires: Sat, 28 Oct 2023 17:59:06 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 213F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1

43 B
735 B

47ms
47ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGITyr-kBMAE&v=APEucNVVFjY5aRpp_D9Zh_p1m-Ybwnah1MesirhugmMPEdwUFpdiP5gRV4Gj7t5nVNT2XeV5P3JJFfp-FtZAfTFzzNX4INncX4C4y3wIg9iuJMzxQQ79_RggDykI8kAxWpecYkPDmmauOjJN-GMnkO1cby60pq_S0QU99o5ZixC-ta8EHDM2pe8
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZdrwSwHIdoCP4lhPpOVENzHyBDpOa0Y%2FI4ILY1GVNj%2BgMJpIrxKxTjaZNLNZPBMIbGxR1oD7PB5xpmAUhk0K3f61YIKOl4lEDjmvQG5T08KCnAbXv63Nue75CnB8mvBylXaiP%2FZiDGxBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819b6477ea349951-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 213F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTQRadIUW.vwFnOwNORGwgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1&google_hm=2

43 B
732 B

167ms
166ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGITyr-kBMAE&v=APEucNVVFjY5aRpp_D9Zh_p1m-Ybwnah1MesirhugmMPEdwUFpdiP5gRV4Gj7t5nVNT2XeV5P3JJFfp-FtZAfTFzzNX4INncX4C4y3wIg9iuJMzxQQ79_RggDykI8kAxWpecYkPDmmauOjJN-GMnkO1cby60pq_S0QU99o5ZixC-ta8EHDM2pe8
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY7ixTH3AXUjw6ULmJ9DdwowiVXkYEKK5m5sWaV%2FurCiuAy5qZx%2FCE7nw23p7v5sUHDLU0qXKXAqtpYg45TtzfCVGfjqCQc6PyyWYUoOmsoz3tI0cVun9gnaujUblJ87lAGO9Dc4ex%2F4oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819b64783a839951-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH67CxVQckVPd-PwmWdaahc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 213F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJJxCUCcNs9wwxtHZYfhA8U&google_cver=1

43 B
844 B

45ms
44ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJJxCUCcNs9wwxtHZYfhA8U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGITyr-kBMAE&v=APEucNVVFjY5aRpp_D9Zh_p1m-Ybwnah1MesirhugmMPEdwUFpdiP5gRV4Gj7t5nVNT2XeV5P3JJFfp-FtZAfTFzzNX4INncX4C4y3wIg9iuJMzxQQ79_RggDykI8kAxWpecYkPDmmauOjJN-GMnkO1cby60pq_S0QU99o5ZixC-ta8EHDM2pe8

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
an-x-request-uuid: 25ecd56e-ef12-46f2-9d37-db1568bb2772
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJJxCUCcNs9wwxtHZYfhA8U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 213F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MzY1OTI1NzcxNTUxMzk0Ng%3D%3D

170 B
188 B

36ms
34ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MzY1OTI1NzcxNTUxMzk0Ng%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
an-x-request-uuid: 4bd00f16-df82-4499-9a65-1c9baedbae49
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MzY1OTI1NzcxNTUxMzk0Ng%3D%3D
x-proxy-origin: 217.114.218.28; 217.114.218.28; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js Show response
pagead2.googlesyndication.com/bg/ Frame D1FB 37 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:54 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C03 0
20 B 164ms
164ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4658918700766&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C03 0
20 B 164ms
163ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4658918700766&version=m202309260101&ct=76&x=1&cor=15604649558678325000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7C03 106 KB
41 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwVXGcz9cq0fC8ZebXmEz7PXQA8B0dBsO6UbsWwZrgWVZGupi-rubd8wVKahrn0KNcsPZhAMEGJW4gVfqVrA30bFx4M7yNUqQVbw28BzkQYdFJgFlnWDK2cIhZE_yQLI251-2ep2-Xoq3JX5gHPuvrHLERCyr2H7U1FcI6vtL4Zh41oaA&dbm_d=AKAmf-A-G8IlTDDiOT8LRhqpSxMAWEBOGpkzn2K0jrLxTCCiYdfAecWncy0iOTIYfi5-4HXUlzGyV4vB0hmOXBAwBAucAUxpnhaDxIr0AcRLohmolbPp627ZD9XnZFNqAM20pW6-UWBc4t0patAw8S_7hYmGFWa0OPYfPO0c1KfSb9NfPoqv9z5k-mFrQQjjSbj4feMjX7hxUHxKcaBhK9QJbswGtLKo-5oxy1o8nHV38-OY9e4eaTYs6nRR4nobluWpD-23R064jrG_bRPhX7QHHMra16Dx2Afwtn11YoeO4GliWm4RFOUQ9JJGltouWjEd--KOWFZld771Z36dQcDCYXjTqgOpIkvpwbaGrutACHFxUSfUSfRuTImDa2bgmwjjGVOjbeiGnNRpZomYLSuooZ3wkNvakm9EDgmiMJgO-w0F5dm0HQalD2p9sg-yReXTZ4OH2GrXMqMs0gUHFcw02_xp4-vZ0nIVp9rA4WEKmI95vqA5CRsLvni4ncXDLtFQgtK2-AzwS4G0QiopfnTWiGneF3cay-18FFsz1ho2V1TEZS4lBNOSI3TDckR1CCNf58DunpAui7ozXBVeYmDiyS3fgiHzXLciSWAV6TvQPaYaIkYPANk0K96kJQoqug7cZom5tvTpbzWYISz_RxwNXkDLQcSKNU9Nx2uOykrFV6RqJEvKETYKZraOT3wzNhQbMAfUOaj6nhrJTLyZREmR7ZOp2KqLC-GNpU8LuDMb9w5HZDr9NMwIAWjK1Xiy34tNghD9xnuPXAdUIRYL8NLsCWNehU5pyNadHB-u6BIF2kl1gpzCB6TlSQsFx-m6D8sYLPkXe1TlSrmLT0BVpmyBUcwzpmYAtIlliHghOJkTUUBApmbG9m3V48GDnpqG-icOWIhltdgOpFFT14GP0LfTqp7Jf-TRSR_4lwYdIzQLrEtXacsBRTUtgqKyW66T2EspBrCfs4PRCxHfIETlk_16x6dB3L4-iRIk0Mmpipmy2wSlPMlmiosiJFvYCcWMXHfZP5ZWX2Plgn4HFcdQb-5NV4VN8wW8zVgOLhpVFbR_3136NKOPJ1KVfNkveIGiLBqTqhXskfYH8Uv4YU3UzcTfpskNftWG5JmKy8vIXnAJMExwFA6mJ3MrCMn4jQNZC9SZf5gDUgrfJE1ByjNdphWHvmKl2R2-FlWOE6m2v9bmsckhu6nhe60qa6WtoD2D_amH-HKWyJ0jbI0Je-lxP2-ZSqVuascUN0Ls6NFyvOIkLkb_7EA9xJ9gK-J_nJRukQuSBLXOAddOQJz9HwHCKxQo-w-EZyXbLO1MAHNriXYXUaoonfJoXYuIaKMgsCGip3LBXlxdRufml0mmzybgDfMdBnipygLmaP6S6_cvbEpghHbGzOKhxNU2Xk64GosyN3GPs1PdgSr5Ssj6SboYrF-1zeuwLNXgYVaoAkjty7iSKj3GjC8evrJl0CmgFCyZBnK8GJ5L2bN4jwJVoA9BfwZNJtyswIBxsXEdYX5169ETGhYnmiNeZ2klCxF1MXFccGc6JT5ti4T38ALf-7LpoaIcdRLjsddfL9Q2T-4RUc72Rv3v57QnIJuu18OpKzN8-HwaSvNFgp4qdGANLXgGHYXt2butuD7I3UFNIVmWJWMJcrMqfigGB_-kzWyfqOIY7TJoDZ1aSNCVR4fEX9HJUDmLqIucYbG1k2BXhSYmLIuFjRa8akmFiH3OBXskuH5XJKAezGb_PiOzDmLRNQ5JFltu-6OzyhvBVQd86B7cffQwnrgQ_i1n8FZMIIXX58qbPYGj6QWlwuoQgZofbPVip9rgmOHp2CcaJdkPyxbZGY6w2Tu3O9Pf_1JmM0tP9gNY_7qa5DkKWIesoh5q0m7596OUVXLUVFFoKeOJpX9Op5y264WXu7k-Dtpkwc5C_5DLFYLo6Y2w9QneFKiK4FJWyMhzcpwhkZWo2MhRpCs1UIDYv5wupkks7VAR_qV8vSijjhCg_P9c48CSXEUQCWxXnEjYHlyf6QChSjvj0fitPfIWe4f7t2qhBWYltaSStYvAirC_ix8c6_eXZ-aex-r-uG_WLUPD_HxWxCtGncyJbBVeWTa5W4IcoSTHqmgLvLfiQ2QAIiB2aJf03bHrB21X03AA0mwMB76FHsuPcl4yCRNjq9FxpzXqs3z6lIX4Jy7Q4tRNO-F5wS5zaLleDkrMwpiMyKjQ-7VGUffCdVci5SVfZZzFgIRLoyZxOVrz0BBliNNjcF32dBKllt_JyS9gcUX71bwk9GNjOMqW82xTVp_z2Hd_Kkm8dkPcAyft_boscNuUrnhMLLRcrjQdrei4NJbE2JPyU07AqwcxSn4ahy9za36cVjIoCS7vuWrlENOIksVDTsC4e47FE3_9IEyCHNJ4NPw77ZD8E5YCN0SDuBX7q1xPmpQatuorV5jOpnEQX3bUUEXParTsnv2nOuNG8cMgv9hnLAjZKM6bqQWnDkGP9f3YWHL1lO6R6SoXpmHfEgoL2zbcQHKWrnTTBoyKwn860L79d_fM2DE2qlccNOWxlyv9IWVdihLux6Sh-LSaJGE6_syPhkgf0YiUV4CtYgqZTMsRr57FYFm9Fb6Wk_AAhoaVKK2FajBwONk92HrE8HuGrbv5Mb7-w-wkbmNmbpTjuKZ52LylJ2LSF9tot7BfnV0f12S_4H3WwIG5vkd6-xx95S2Jr1HPca2TjHHgsm2kBDaXzsjxK-xgC6h-AtT7D2hbdH3-j6oc039mHak8yfkG9Qt-GWf00OdJ-VMuLPrjM6Y50bGTvvMQbGQbfxWidLhMJV2WGWAbqb81dcz4AL5QaJXJ1GdjmS4XlZCdKDIplKFW4TCSU4JouCcRLKg5RGkfdSXnczr_uXBSEo9jiG6d44ZHvoUI2A-BaTDvwQ_vh6abMFMaEnQzSV4o6pUp3CNXVHE2QnkenWG4eMT7UpZdxjPTwrLzTCLERU2iI12otYECGfyCmklAGchNsqsSzwtGKABAWP-edpDdiUpDjW46QKrV5BAHocqxj13v6aaxj1sRQgKQQbgmRu86PvTPmiC_72wgKz-gjR-fUSK5dfjwCHQswyyhSXET9QYC8VR_W9JEoaPqYYhrsBUwR8BZ1DLWzuP8daOplks9ReI2vlK9Uzv3m2sM7aFJHhm_DdKveQa8a474JHequ53piD8hIYJl5FoPyHYR8DHqc6wXwn1OYoKaUGfDjZsuf7Oy7_nsn7XmkZcDAHxQk8dUkgbTsgRi-VmcDPE1VTE7CZPX_GscDk8Fl6dKpoF0baguinjROaDJGm72XZsc9JpN-TwcNfwphEZGz3yvfPl9G2MNI_dF7883qDLIj6uhtaB3DK5kuRwe0ub5I5_EEALcU1RNNIbmVXFv0tpJ9yuoaxDZlNk9ifF8ooHU0tmA6eHh5nGRy04Kj-yiesXgov5GsEwv8sjrhoq_Yxo_whoiRZtDPsX7mNB6w6K65N5T8vaDEd5vUL8hkv-SypirUA3PipAvIRvUj8Go7PGqeLhdPRvjOP2fBS1fcffR&cid=CAQSSwDICaaNVg1FOblD6OtKT4Z67hHwgRkEpcOeWjc3AmWQDJs4_ibLar1gTuZ07bbbiWr53TaQWN3RTbtEy6KsOsktHjzSHFfwruvFghgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fapp.tweakdoor.com%2F&ds=l&xdt=1&iif=1&cor=15604649558678325000&adk=250412560&idt=154&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1d7f799dfc8dac037f4187b4ba592dd50034a53d8915b8a246c627e413394f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41711
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 9A5F 11 KB
4 KB 93ms
86ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=97.287;sz=728x90;u_sd=1;dc_adk=3424353018;ord=n2ongy;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fapp.tweakdoor.com%2F$0;xdt=1;crlt=GbXxTO9h(!;stc=1;chaa=1;sttr=121;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 18:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 18:00:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A5F 0
0 166ms
67ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNnlHZ2y0fIe0vnAl6PrXqkJT1Iy7kCA1DK-C9YTwwUO1kBoNLIaq1OXg-fU71LqMFszF4-yoXi3MQ8nqGmTcRsyidhNPUzh3moWGREaz0w_KoQnkws75pqlRYm-H1HJICMmn1SCa7lpwW0_IqMqxKn41Z_e9JTC0GZEiMWfJe&sai=AMfl-YRFupIf_X7VPig3K6oRCyWKzBMSEk0rztrsIUS0rEX9tDnmYcbpIfZK5PXQ2uzAQSDIbSoNzRtw4KoWRjQ3szxzQg1doMBfPhk3uA&sig=Cg0ArKJSzJbSi2QftGwUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20231017.52446&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 7410484386335067809
s0.2mdn.net/simgad/ Frame 9A5F 123 KB
124 KB 693ms
22ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7410484386335067809

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 11:44:27 GMT
x-content-type-options: nosniff
age: 368080
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126353
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Oct 2024 11:44:27 GMT

GET
H/1.1 200
OK dv-measurements4826.js Show response
cdn.doubleverify.com/ Frame 74EC 420 KB
99 KB 30ms
27ms Script
application/javascript 2a02:26f0:480:15::213:7e52
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4826.js
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:15::213:7e52 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a5e299a85a9b163a13f8922e875d903e3886d98af3007f64e3b106b0fd4486c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:59:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Oct 2023 07:56:38 GMT
Server: UploadServer
ETag: "a1cf6f2436096e7eb8c6981432e7fc1c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101065
Expires: Sun, 20 Oct 2024 17:59:06 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A0CB 38 KB
13 KB 23ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 219257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1475223/71249294/ Frame 7C03 249 KB
75 KB 278ms
130ms Script
application/javascript 52.215.161.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1475223/71249294/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-4420332636058530&ias_chanId=1&ias_placementId=20111329642&bidurl=https://app.tweakdoor.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJBfkmRAQsvlKmaEmbN5I4
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.161.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-161-107.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 09735b615fcc5fbd72e4ad459ecdd3f7bfe692116ca610cc7c2f55643a8bdc0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7C03 111 KB
39 KB 562ms
23ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 Oct 2023 00:02:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 7C03 11 KB
4 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwVXGcz9cq0fC8ZebXmEz7PXQA8B0dBsO6UbsWwZrgWVZGupi-rubd8wVKahrn0KNcsPZhAMEGJW4gVfqVrA30bFx4M7yNUqQVbw28BzkQYdFJgFlnWDK2cIhZE_yQLI251-2ep2-Xoq3JX5gHPuvrHLERCyr2H7U1FcI6vtL4Zh41oaA&dbm_d=AKAmf-A-G8IlTDDiOT8LRhqpSxMAWEBOGpkzn2K0jrLxTCCiYdfAecWncy0iOTIYfi5-4HXUlzGyV4vB0hmOXBAwBAucAUxpnhaDxIr0AcRLohmolbPp627ZD9XnZFNqAM20pW6-UWBc4t0patAw8S_7hYmGFWa0OPYfPO0c1KfSb9NfPoqv9z5k-mFrQQjjSbj4feMjX7hxUHxKcaBhK9QJbswGtLKo-5oxy1o8nHV38-OY9e4eaTYs6nRR4nobluWpD-23R064jrG_bRPhX7QHHMra16Dx2Afwtn11YoeO4GliWm4RFOUQ9JJGltouWjEd--KOWFZld771Z36dQcDCYXjTqgOpIkvpwbaGrutACHFxUSfUSfRuTImDa2bgmwjjGVOjbeiGnNRpZomYLSuooZ3wkNvakm9EDgmiMJgO-w0F5dm0HQalD2p9sg-yReXTZ4OH2GrXMqMs0gUHFcw02_xp4-vZ0nIVp9rA4WEKmI95vqA5CRsLvni4ncXDLtFQgtK2-AzwS4G0QiopfnTWiGneF3cay-18FFsz1ho2V1TEZS4lBNOSI3TDckR1CCNf58DunpAui7ozXBVeYmDiyS3fgiHzXLciSWAV6TvQPaYaIkYPANk0K96kJQoqug7cZom5tvTpbzWYISz_RxwNXkDLQcSKNU9Nx2uOykrFV6RqJEvKETYKZraOT3wzNhQbMAfUOaj6nhrJTLyZREmR7ZOp2KqLC-GNpU8LuDMb9w5HZDr9NMwIAWjK1Xiy34tNghD9xnuPXAdUIRYL8NLsCWNehU5pyNadHB-u6BIF2kl1gpzCB6TlSQsFx-m6D8sYLPkXe1TlSrmLT0BVpmyBUcwzpmYAtIlliHghOJkTUUBApmbG9m3V48GDnpqG-icOWIhltdgOpFFT14GP0LfTqp7Jf-TRSR_4lwYdIzQLrEtXacsBRTUtgqKyW66T2EspBrCfs4PRCxHfIETlk_16x6dB3L4-iRIk0Mmpipmy2wSlPMlmiosiJFvYCcWMXHfZP5ZWX2Plgn4HFcdQb-5NV4VN8wW8zVgOLhpVFbR_3136NKOPJ1KVfNkveIGiLBqTqhXskfYH8Uv4YU3UzcTfpskNftWG5JmKy8vIXnAJMExwFA6mJ3MrCMn4jQNZC9SZf5gDUgrfJE1ByjNdphWHvmKl2R2-FlWOE6m2v9bmsckhu6nhe60qa6WtoD2D_amH-HKWyJ0jbI0Je-lxP2-ZSqVuascUN0Ls6NFyvOIkLkb_7EA9xJ9gK-J_nJRukQuSBLXOAddOQJz9HwHCKxQo-w-EZyXbLO1MAHNriXYXUaoonfJoXYuIaKMgsCGip3LBXlxdRufml0mmzybgDfMdBnipygLmaP6S6_cvbEpghHbGzOKhxNU2Xk64GosyN3GPs1PdgSr5Ssj6SboYrF-1zeuwLNXgYVaoAkjty7iSKj3GjC8evrJl0CmgFCyZBnK8GJ5L2bN4jwJVoA9BfwZNJtyswIBxsXEdYX5169ETGhYnmiNeZ2klCxF1MXFccGc6JT5ti4T38ALf-7LpoaIcdRLjsddfL9Q2T-4RUc72Rv3v57QnIJuu18OpKzN8-HwaSvNFgp4qdGANLXgGHYXt2butuD7I3UFNIVmWJWMJcrMqfigGB_-kzWyfqOIY7TJoDZ1aSNCVR4fEX9HJUDmLqIucYbG1k2BXhSYmLIuFjRa8akmFiH3OBXskuH5XJKAezGb_PiOzDmLRNQ5JFltu-6OzyhvBVQd86B7cffQwnrgQ_i1n8FZMIIXX58qbPYGj6QWlwuoQgZofbPVip9rgmOHp2CcaJdkPyxbZGY6w2Tu3O9Pf_1JmM0tP9gNY_7qa5DkKWIesoh5q0m7596OUVXLUVFFoKeOJpX9Op5y264WXu7k-Dtpkwc5C_5DLFYLo6Y2w9QneFKiK4FJWyMhzcpwhkZWo2MhRpCs1UIDYv5wupkks7VAR_qV8vSijjhCg_P9c48CSXEUQCWxXnEjYHlyf6QChSjvj0fitPfIWe4f7t2qhBWYltaSStYvAirC_ix8c6_eXZ-aex-r-uG_WLUPD_HxWxCtGncyJbBVeWTa5W4IcoSTHqmgLvLfiQ2QAIiB2aJf03bHrB21X03AA0mwMB76FHsuPcl4yCRNjq9FxpzXqs3z6lIX4Jy7Q4tRNO-F5wS5zaLleDkrMwpiMyKjQ-7VGUffCdVci5SVfZZzFgIRLoyZxOVrz0BBliNNjcF32dBKllt_JyS9gcUX71bwk9GNjOMqW82xTVp_z2Hd_Kkm8dkPcAyft_boscNuUrnhMLLRcrjQdrei4NJbE2JPyU07AqwcxSn4ahy9za36cVjIoCS7vuWrlENOIksVDTsC4e47FE3_9IEyCHNJ4NPw77ZD8E5YCN0SDuBX7q1xPmpQatuorV5jOpnEQX3bUUEXParTsnv2nOuNG8cMgv9hnLAjZKM6bqQWnDkGP9f3YWHL1lO6R6SoXpmHfEgoL2zbcQHKWrnTTBoyKwn860L79d_fM2DE2qlccNOWxlyv9IWVdihLux6Sh-LSaJGE6_syPhkgf0YiUV4CtYgqZTMsRr57FYFm9Fb6Wk_AAhoaVKK2FajBwONk92HrE8HuGrbv5Mb7-w-wkbmNmbpTjuKZ52LylJ2LSF9tot7BfnV0f12S_4H3WwIG5vkd6-xx95S2Jr1HPca2TjHHgsm2kBDaXzsjxK-xgC6h-AtT7D2hbdH3-j6oc039mHak8yfkG9Qt-GWf00OdJ-VMuLPrjM6Y50bGTvvMQbGQbfxWidLhMJV2WGWAbqb81dcz4AL5QaJXJ1GdjmS4XlZCdKDIplKFW4TCSU4JouCcRLKg5RGkfdSXnczr_uXBSEo9jiG6d44ZHvoUI2A-BaTDvwQ_vh6abMFMaEnQzSV4o6pUp3CNXVHE2QnkenWG4eMT7UpZdxjPTwrLzTCLERU2iI12otYECGfyCmklAGchNsqsSzwtGKABAWP-edpDdiUpDjW46QKrV5BAHocqxj13v6aaxj1sRQgKQQbgmRu86PvTPmiC_72wgKz-gjR-fUSK5dfjwCHQswyyhSXET9QYC8VR_W9JEoaPqYYhrsBUwR8BZ1DLWzuP8daOplks9ReI2vlK9Uzv3m2sM7aFJHhm_DdKveQa8a474JHequ53piD8hIYJl5FoPyHYR8DHqc6wXwn1OYoKaUGfDjZsuf7Oy7_nsn7XmkZcDAHxQk8dUkgbTsgRi-VmcDPE1VTE7CZPX_GscDk8Fl6dKpoF0baguinjROaDJGm72XZsc9JpN-TwcNfwphEZGz3yvfPl9G2MNI_dF7883qDLIj6uhtaB3DK5kuRwe0ub5I5_EEALcU1RNNIbmVXFv0tpJ9yuoaxDZlNk9ifF8ooHU0tmA6eHh5nGRy04Kj-yiesXgov5GsEwv8sjrhoq_Yxo_whoiRZtDPsX7mNB6w6K65N5T8vaDEd5vUL8hkv-SypirUA3PipAvIRvUj8Go7PGqeLhdPRvjOP2fBS1fcffR&cid=CAQSSwDICaaNVg1FOblD6OtKT4Z67hHwgRkEpcOeWjc3AmWQDJs4_ibLar1gTuZ07bbbiWr53TaQWN3RTbtEy6KsOsktHjzSHFfwruvFghgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fapp.tweakdoor.com%2F&ds=l&xdt=1&iif=1&cor=15604649558678325000&adk=250412560&idt=154&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 23:02:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 7C03 30 KB
11 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c75166534a7cf375f7963558a6a55858688f6c289c9d200706ce1592669ffe3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:16:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11596
x-xss-protection: 0
server: cafe
etag: 6499730840814102677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:16:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C03 41 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 18:02:43 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/6688641;4438443;0;271;413617B0-4FE2-5DA6-89D8-E844D16B1D21/ Frame 473C 42 B
343 B 199ms
103ms Image
image/gif 23.215.22.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/6688641;4438443;0;271;413617B0-4FE2-5DA6-89D8-E844D16B1D21/?ft_data=[PLAYBACKMETHODS]|[CONTINUOUSPLAY]|[TIMESINCEINTERACTION]&cachebuster=2046188777

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.215.22.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-22-232.deploy.static.akamaitechnologies.com

Software

prod-xre-app13.frk11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Oct 2023 17:59:06 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app13.frk11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Sat, 21 Oct 2023 17:59:06 GMT

GET
H2 200 ft.stat
ad-events.flashtalking.com/ Frame 473C 0
67 B 2078ms
39ms Image
text/plain 3.11.61.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/ft.stat?13539;189093;6688641;4438443;0;13;413617B0-4FE2-5DA6-89D8-E844D16B1D21;57726111DABE48;2046188777
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.61.157 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-61-157.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:08 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 204
No Content event.png
tpsc-video-eu.doubleverify.com/ Frame 473C 0
162 B 247ms
46ms Image
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-eu.doubleverify.com/event.png?vstevt=0&dup=b8438f09-ec3c-4245-9e8c-2d892c31c916
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Oct 2023 17:59:06 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 2023-10-20T17:59:06

GET
H2 200 dc_oe=ChMI4JG89duHggMViobVCh0qTwf3EAAYACDS6otcQhMIuayF9duHggMVSRWtBh3WIw4B;met=1;acvw=sv%3D958%26v%3D20231011%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 473C 42 B
401 B 456ms
343ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4JG89duHggMViobVCh0qTwf3EAAYACDS6otcQhMIuayF9duHggMVSRWtBh3WIw4B;met=1;acvw=sv%3D958%26v%3D20231011%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D25%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D789003453%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1697911146507;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 473C 42 B
64 B 82ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CichnaBE0ZbnYIMmqtOUP1se4CMTlwOhwpbbs6qkRj8i-wM88EAEg_fzbKGCVgoCAmAegAYLk69ApyAEFqAMByAObBKoE9gFP0Np2tRA_IM67QiYVdgnRCmxQU_7ogmG5r4or7k1JIBw3duylCI7FRPfVxRtf29RVG_xK4oS4dAAxwcCkdlbKrTA8_cT_XlUvMs04Iu0SOftWZnsQRMkUnS1K67YVqsDSYTxFHNUqq_EFe78c_F1U0LiQP_hnWxeU9aMOmxC0YnB8F06Zdi0YVQg9I5gZfDJV8k3IvCQXCejSNkvwnQRyF4npB2Avo3VHX4iVrDhkXeaxUjDw5mXwHILfz4n-yjdwxp9tFDyck5kQU9k6IhHkcR3qL8ZZti8JMO_Rq02lvYqA3oIfpQN9lqxtio0-VXnNdgk_XHvABPnVl4arBOAEA4gFx8K3okuQBgGgBnmAB4KcvLAEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATvYGTFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&sigh=6Wkt8lWjMwc&label=part2viewed&ad_mt=25&acvw=sv%3D958%26v%3D20231011%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D25%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D789003453%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1697911146507

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=925113182&adf=189457609&pi=t.ma~as.2168616157&w=728&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=728x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144422&bpp=7&bdt=1174&idt=7&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Rcwr77aTq1&p=https%3A//app.tweakdoor.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

4438443.gif
cdn.flashtalking.com/xre/668/6688641/4438443/image/ Frame 473C
Redirect Chain

https://servedby.flashtalking.com/imp/1/189093;6688641;201;gifimpid;DV360;DV360FY23StockBEHCustomIntentDEDSKVID1920x1080/?ft_impID=413617B0-4FE2-5DA6-89D8-E844D16B1D21&ft_custom=&ft_c1=&ft_c2=&ft_c...
https://cdn.flashtalking.com/xre/668/6688641/4438443/image/4438443.gif

42 B
397 B

1442ms
383ms

Image
image/gif

2.18.96.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/xre/668/6688641/4438443/image/4438443.gif
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: HTTP/1.1
Server: 2.18.96.37 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-37.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:59:08 GMT
Last-Modified: Fri, 01 Sep 2023 16:39:13 GMT
Server: Flashtalking (AKA)
ETag: W/"d89746888da2d9510b64a9f031eaecd5"
Content-Type: image/gif
X-Varnish: 636394237
Cache-Control: max-age=420
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Sat, 21 Oct 2023 18:06:08 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 21 Oct 2023 17:59:06 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app4.frk11
Access-Control-Allow-Origin: *
Location: https://cdn.flashtalking.com/xre/668/6688641/4438443/image/4438443.gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sat, 21 Oct 2023 17:59:06 GMT

GET
H/1.1 200 img.png
d9.flashtalking.com/img/ Frame 473C 70 B
484 B 595ms
54ms Image
image/png 52.50.230.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.flashtalking.com/img/img.png?D9r.DeviceID=true&D9v.CampID=3175&D9v.CCampID=189093&D9v.ImpID=413617B0-4FE2-5DA6-89D8-E844D16B1D21&D9c=ftVideo&D9c.placementId=6688641&D9c.creativeId=4438443&D9c.confId=0&D9c.privacy=t&D9v.gdpr=FT_GDPR&D9v.gdpr_consent=&D9v.us_privacy=!!US_PRIVACY!&cb=2046188777
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.230.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-230-234.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash: f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 17:59:06 GMT
Server: Apache/2.4.52 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 70

GET
H/1.1 204
No Content visit.jpg
tpsc-video-eu.doubleverify.com/ Frame 473C 0
162 B 270ms
72ms Image
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-eu.doubleverify.com/visit.jpg?vstevt=2&tagtype=video&ctx=1828362&cmp=189093&sid=18330&plc=6688641&adsrv=29&aubndl=&turl=https%3A%2F%2Fapp.tweakdoor.com%2F&auxch=1&pltfrm=1&ausite=762280502321&autt=4&ppid=103&prr=1&auevent=ABAjH0ijrwJC4xcoCFNBraodrew0&c1=3060631&auorder=1012742112&aulitem=20204872007&aucrtv=495654974&aufilter1=3060631&audeal=&crt=6688641-4438443-0&dup=b8438f09-ec3c-4245-9e8c-2d892c31c916&dvtagver=dvot_2023-10-19_22a448108_a5401a6&vad=15000&vmftype=video&dvp_cfbs=82&dvp_infra=cloudflare&dvp_zjsver=0.21.17&apifw=7&dvp_psfts=1697911145692&dvp_psfst=ack&vstvr=2.0-i&dvp_blk=1&app=-1&essd=0
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Oct 2023 17:59:06 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 10/20/2023 17:59:06

GET
H2 204 /
vtrk.doubleverify.com/ Frame 473C 0
184 B 518ms
354ms Image
text/plain 2606:4700:4400::ac40:9111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&ec=vast&cid=b8438f09-ec3c-4245-9e8c-2d892c31c916&el=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F8%2F189093%3B6688641%3B208%3Bxml%3BDV360%3BDV360FY23StockBEHCustomIntentDEDSKVID1920x1080%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%26us_privacy%3D%24%7BUS_PRIVACY%7D%26pbMethods%3D%5BPLAYBACKMETHODS%5D%7C%5BCONTINUOUSPLAY%5D%7C%5BTIMESINCEINTERACTION%5D%26cachebuster%3D%5BCACHEBUSTER%5D&ea=impression&cm114=1&cm115=71&cd101=vast&cd102=src&cd111=inline&cd112=unwrapped&cd117=2&cd170=29&cd182=vpaid-transformer%400.21.17&cd188=FRA&cd189=cloudflare&cd190=1828362&cd191=189093&cd192=18330&cd193=6688641&cd195=1&cd196=3&cd141=7&cd142=2023-10-21T17%3A59%3A06.521Z&cd143=2023-10-21T17%3A59%3A06.521Z&z=88236904
Requested by: Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:07 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 819b647d0b399c12-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 473C 0
138 B 106ms
101ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6C-OZz2tFQTi1XgpinFRPFRkxuOfrLv-LUg2nghKFJ6WESKe_gteUaFTC19BGSZHCfNfcnPZObPU-gSGOc7IJ7GZlnR369g-Jb6p8H228k62YR26NJFilNZ9cy2r4A2KJHa1NupTbJmBlb5dq5F6NLq6sU4VtUmE5Ewr_e3p25tKoL4HQNg5z5Osq5dQB0d_r4LCVAReEF9jDB85XA6fdAieDFcUxOK_Cgxfc-lPh3e3WT8fgvW-RBS9XRcJ83Ejflkc_e2ytn90ehGrkmCOpnyAn2MC_kqwZ-chjDXvdmTE2FOBBHMpi6zKQzrOTaf_LNzX8Hj8nQvkRBbLyuKdMKDMtLh_FGbpwh5fk7WL3MQqwEkWk8CGWyiI2RIFaL-X7KTuATSsF4ErwgYbzcrq4amzDAm0fM9k2iVncV_aw_2vEIF-zQQpkjdWi9tpyXjGQqa8XHk1C43DuHPixRXGTrxOVZg7HOsJKUZSeGEOj4eU-q-raCB9NcAs3DDjENXYf8bcTHwPTnbyv4Wm7JbkByx7qVJULxPnjt56o-C3a7QV5UR5oYOCyiqmewDkgZYJC8OPXprGB80Aq3ZjqZ2jRkdwr4n6hjkLhm97st6zJqnQVuLoe684Wu8UFK6v7hqGU9UEgCDUii9ERHVglY9HtHGCPuuJoJBklvw31xRPJJZDA3uSHpXUXMKFLUZX9kHgHvqFELZSvDDBkzV-JyADXC-2MxAJ4u_XRxKmSY2FRyhQBFzXUtxRCjKLONXCXqbmRizs6NyKABfsv-loR0eYDY7iMFOI34P2Jbpg9fvsGoMu0qbCwQ04IeSXKN0JZ81bbjZuulnqDUmeduEj83OGvNuhha6dMNqvtfDfMCWlTEybgmOxpSyKtoU52MXok6Tz4NfOqI9EzUEHvCS-s0ORmUbLTElShd_8_TIfRUF-BhaBFmEq1AjlcnPM1ZT-fJKuOtKRWRk_FeyAvgEreb8V4UUiQjVxB66wLQV3iCbG_673gBeL6ax6KH2CXllkUr9eYmSWHDaWj6gk4YDj1TnbMhubQySsZsbUHxtljcWlQuqhCodE5oyM_tv2jk82_wpk-ep3Ph39UD01LhwJQ4D9B0AaAp33ZFiZq_AGZG-FXXrAs8QTebzS10ULTbt_PiD5jjH_xPtWuSkA_CHMrlDMp6o1ZDlb6YhG8nq_6AkrXxeiWR14PiU71Kxg87t9WF2Ak4BcE35HRqKrIXIebf9aHqKRVUKQ7zvbpkLE9QTD4QbbEu3ak3SZm84UuHmcXwlTNGAsWmxJCHlumGvqbENyZhr9fkx2nqIKibXM0&sai=AMfl-YQCHRhr0m1wXOMXc--Z-B_5DExR-0HjqYL-NvJKiznWAGUt-s9y8MdoVzHMyQIld6DKWXO23LteRPGUOInwHjidNQ_l7R2gkD1ZT4zxVkpThmlfdnI-z6qdZGA4uzUO8GyFgYPISSC4H2oGUodVwm2stimUxY7GA3OTSHRcLSd8VzXiJovvWnXl3bGlBVyA1vtPuqsR2pGnmt7Gvbrvpm71KR0r0IPVVka_rIuwr16hjobJoyqqeZ-hSem0ySxrR21AcdcHkt_Rsu_S0W4FMLD-kRpWs3UnfKuL97B8dqR86vr3djpLP-9RPVc&sig=Cg0ArKJSzBrRx5M4ce2kEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 473C 0
16 B 82ms
77ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQYvrCs7AEgATAB&v=APEucNUHQi4Z7bq5koU_4P8iQ0mLXpPxd97anD1zolUVZMqxJtD9XF5UatImIiYRuK72rv1tdQxoghy0Nmj4zA4fDEOkPsI1Uw

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=925113182&adf=189457609&pi=t.ma~as.2168616157&w=728&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=728x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144422&bpp=7&bdt=1174&idt=7&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Rcwr77aTq1&p=https%3A//app.tweakdoor.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 473C 0
20 B 173ms
169ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 473C 42 B
64 B 176ms
172ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKxfM2TEe0CWekJXzw-S1QW8RPpXH2P9Tq7BfltdUU4XiGKZCNsViiatycUaEG-raJKk2Grbzj1rReHFva2w4gfFHyFKxbpmngopju06oVn0sMTrX5j8I2mu71_WgrhGDThAIWEw1x1GnR&sai=AMfl-YQ1zV5qpJ_XoGpxA86ssu67XISFYTh-2z48G9XCYLtVSN9tJe38LUg3UdfObJRsCPkW1YhdZtCKNJOUmvkkwTpunEs2ZD3u_O04YuNZKI2d_24AK17UxJ9X60-03rG3NNjfQZLHdiePrMfN&sig=Cg0ArKJSzEdlKy5N7e5BEAE&cid=CAQSSwDICaaN0S0-pseKODxwVF6aRNA4sgwX_rC4Cnzx6pN-l_vyUymmUiKspfeQi_D1YW6VU0S84xXrM3eXOTHRgVC3F2ugon7HMgZpdxgB&id=lidarv&acvw=sv%3D958%26v%3D20231011%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D25%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D789003453%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1697911146507&avm=1

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 473C 42 B
64 B 78ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CichnaBE0ZbnYIMmqtOUP1se4CMTlwOhwpbbs6qkRj8i-wM88EAEg_fzbKGCVgoCAmAegAYLk69ApyAEFqAMByAObBKoE9gFP0Np2tRA_IM67QiYVdgnRCmxQU_7ogmG5r4or7k1JIBw3duylCI7FRPfVxRtf29RVG_xK4oS4dAAxwcCkdlbKrTA8_cT_XlUvMs04Iu0SOftWZnsQRMkUnS1K67YVqsDSYTxFHNUqq_EFe78c_F1U0LiQP_hnWxeU9aMOmxC0YnB8F06Zdi0YVQg9I5gZfDJV8k3IvCQXCejSNkvwnQRyF4npB2Avo3VHX4iVrDhkXeaxUjDw5mXwHILfz4n-yjdwxp9tFDyck5kQU9k6IhHkcR3qL8ZZti8JMO_Rq02lvYqA3oIfpQN9lqxtio0-VXnNdgk_XHvABPnVl4arBOAEA4gFx8K3okuQBgGgBnmAB4KcvLAEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATvYGTFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&sigh=6Wkt8lWjMwc&label=vast_creativeview&ad_mt=25&acvw=sv%3D958%26v%3D20231011%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D25%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D789003453%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1697911146507

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=925113182&adf=189457609&pi=t.ma~as.2168616157&w=728&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=728x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144422&bpp=7&bdt=1174&idt=7&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Rcwr77aTq1&p=https%3A//app.tweakdoor.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 473C 0
17 B 793ms
791ms Ping
image/gif 2607:f8b0:4003:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lo0cgh00&c=3998172496466&slotId=1999086248233&qqid=CLmshfXbh4IDFUkVrQYd1iMOAQ&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&dm=15000&event_name=first_play&asset_bytes=171362&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=7&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1lm~ff.1mo~videopreviewstarted.1mq
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231011_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4003:c13::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7C03 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9557c41178eaf4269a64db727c47c56ae23bd305460cf3e9a471f7e52d0573b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B00 133 KB
41 KB 879ms
873ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44c05b945531a2a5ec85d8337d10de51493ff8b396f5d8dda0ac3d5a85face4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42233
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 41D1 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 custom
glimtors.net/ Frame 0
0 60ms
59ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.tweakdoor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.tweakdoor.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 21 Oct 2023 17:59:06 GMT
server: nginx

POST
H2 200 custom Show response
glimtors.net/ 39 B
333 B 804ms
794ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glimtors.net/custom

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.tweakdoor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: ca6d96d543bfd6767caa94b51d68d3c4
date: Sat, 21 Oct 2023 17:59:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.tweakdoor.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB04 0
20 B 261ms
258ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzJTvaRE0ZZekBt6QjuwP0tfh8A4AAAAAOAHgBAI&bg=!bW6lbiHNAAY5nEQaGZw7ADQBe5WfOOF0uX4So_VIQOlgFMYIQsCHCdqcxTIdVlXy60rQ5f91u8_JZwQLz3Devt3MwTnjAgAAAgRSAAAABGgBB5kC_iZeMOdcSfurNJNZjgyWJ7pLWUsJnDxl3dAd4ZnLNME0lAbRRegZSHzEeNdrzmp1HrLjv4KlXBrt2vU1t_pmQnHIl_pvZ34TVK-9l4v34ko7fasDFX0a8w7yheS-LhMC_Vg2PzfztwQ4ZhVuA518yy2mS7W-rQoKKD1C2hAGFI7Y-B_-1K0QvUZsIki1LVah5It1nUj6JPd8OjUl_ohD4PXbTPPnMoUfBXrb4Z6Gom-SeAKf3XuU7BsRqesNuCk8ESosi92N7ZX4NirP9np-RuPfocQvcr0X6evE47yaTKt37q7t772gxm28HjTRpgZq2IKG461xLUoYeU5oy-5WWl-i5IABhfuAlw7P-XoS40lzEevQZmbvfBhRwJANUUzwigobVlE3StDFdJqdN51Fg0HfG4yP5SwMpG9twt2FZb2xtU1Hj7GUQBEP-99ORK3zPSfqN0LJPhiVqjKuYmI55SzMMb6z7yoZ1xsqT5MFnob_MxZHG5nJpqysZ9OA9VXnY0pj2s1WX6hobGQMVdee8SpRJN7dW8-KPnhjl9MTO3PpgYOavIQJbGR-YhNSX2QvjJ3SX0r37FpYhnCJVoomuVKVNjpSuue3tVTr3HFF_5-DaXIq2H5zCfdkKH0lNde_5JLSYx8GMPad08eiJa_6IvGyDlSA2VsQ8oBdwxJyCL30Efz5z77BuCYTuFXVVAJNOjVyysH4jmeAKXP9kQRPVwgb_JJUZU85BD9QNPHoL9ssnkQoiPMgUgXalWIlRQwdOsgEt7hf55KrQT1a4XrZcmi8KdCF2DOAq4_aQ9nJvNasmdOZ1K9iYK_lItTdUSeLdoYRrSrOQqXM51KLlyAZzeVp5wdv4dzxi63y-WtBz1hEnALSrpF7K5OQti-o6IXeyZaDkfsTMLh-XdomyrLTZbiokMPZ2ygb_xk_j7rZln1KrHv9rmLrtbsxeEHTvKt6OMhsLcMIVRW60oU3dtr_-djZujLhr7XbRQSl3DpnF8fXNXCntH-Y6aXAZfLmTOQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js Show response
pagead2.googlesyndication.com/bg/ Frame A0CB 37 KB
14 KB 131ms
129ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:54 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BCCA 22 KB
8 KB 54ms
50ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 150991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 00:02:35 GMT
expires: Sat, 19 Oct 2024 00:02:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js Show response
pagead2.googlesyndication.com/bg/ Frame BCCA 37 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14519
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1FB 0
20 B 177ms
176ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B-BhuaRE0ZaC5GoqN1gaqnp24DwAAAAA4AeAEAg&bg=!xMelx4jNAAY5nEQaGZw7ADQBe5WfONt1gBzaeB0HoqZMT21v1RFvgWWYGcvJexOgI7aOrxU3fsNKzf0t7OENrUe0GZ8_AgAAAj5SAAAABGgBB5kC7Ryro11tf4_cefYWAYQjlN0TdlxV0PDq_d0OI_Xf3IrI66j7Y3Y621dQBdA9yio0KWu-SyXRgQWDgFLKYZsiuhtS9giv4Rnrp5HV7c4d6j45ZfJ376zbI_6Oz7koLTRgtcEm2k1ssA1-ZeML8cvldO7X9Df69kFmyQ9UcwLD4CrRnfoJfHgXobYcmqkRnlLW66kv552hjWmsOlIYH5q_OEv6vr3Ytm11yMzCnQwaZvRm8CuoKJhZu83dQMa-QiXJtlYN6snCpKbxk2ISeBXN3_wQZs5-vQ87ttViNFp0wqULmdUD-piVXGYM1dsuhdCMtf2_fAkAjVk22fH5hYpyGLP6FkH28ub2sqyEbJg02DPfgefID2vX-wPk88HiaE0lGUWiOOEMb9JjXC_UWWdLMvEwGZlq0yoWa0LVj8FDgrn2S4HaVGxztk67pF00RNaN5wLbkukrmMnE4op8rYTfxDsBFdgTOU-_JTQcJs4dspCkQAWYEv8Ga4Q4OGbOlHM8hiYHgVVSvGycn6BTwmcLOa3mv3XD4H404PKsGGRy0f4XD6eg-bLc-fKHB8udav8UUgI42UTNtF9Mgb5gi151hZ168zd0KbMrbwXDK26zOvhcyd3ljzrjrYI31fhuMBj_N8NKH2xrQ3NrslqBmMluRQsb8ekPSKnu-c8x3TTujWLjgHu9H-nsUbiqcoV2PYh9DeNPH6XuqBykggyhiTx3Gj_RvBMxrrXkPojsF4Sk2Q0I26AikPlXf9aotpdjhpuB6hpY0U0-MaJaaNLT_2unDS8zmJ9D7ZUzw7sLBiDWqBDYhyo3Q9hI8cVbPbYsvkXART115x6KwN2hQETf3xb9hOM5ufptWg3WMfHJOa5CYrnriTYkJpIxBPoBjvrHybl1CHJrHTMiOrAr62aa6diwWRyJ3aMHDEt29czoQVduYcEq1DkOSzfR2cXAa_j3hh_rir_CetaZWvB0kE030M3-X8YWpaVvwwHRcQR8zSu9

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7C03
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1475223/71249294/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-4420332636058530&ias_chanId=1&ias_placementId=20111329642&bidurl=https://app.tweakdoor.co...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ahE0ZYv2EqqyjuwPz4WLkAk&cbFunctionName=goog_wrapCb_ahE0ZYv2EqqyjuwPz4WLkAk&true_pb=

1 KB
1 KB

68ms
50ms

Script
application/javascript

2600:9000:223f:cc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ahE0ZYv2EqqyjuwPz4WLkAk&cbFunctionName=goog_wrapCb_ahE0ZYv2EqqyjuwPz4WLkAk&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
Protocol: H2
Server: 2600:9000:223f:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
date: Sun, 15 Oct 2023 06:40:23 GMT
x-amz-cf-pop: FRA56-P5
age: 559125
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: HxEr5DTTIEg2ReFDPW_a7P1QMZgibSUzmlOKoXt8NvIiOdQQyUryJQ==

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:07 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ahE0ZYv2EqqyjuwPz4WLkAk&cbFunctionName=goog_wrapCb_ahE0ZYv2EqqyjuwPz4WLkAk&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame DF48 91 KB
23 KB 135ms
49ms Script
application/javascript 2600:9000:223f:cc00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2656197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: OCfLkjWlJcpwH7ThuUUV7gxfwMs1ftGjl7bJr8-cJX7Qi79B76v5uw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C03 43 B
215 B 417ms
118ms Image
image/gif 2600:1f18:1aca:4281:e6fa:3600:606c:fea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=d1d7f582-3edd-896e-b85d-dedb1585aced&tv=%7Bc:rHQM8h,pingTime:-3,time:81,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:81,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTls8zS+11%7C12%7C13%7C14*.1475223-71249294%7C141%7C142%7C151%7C152%7C161%7C171%7C1811%7C1812%7C1911%7C1912%7C1913%7C19141%7C1a%7C1b,idMap:14*,rmeas:1,rend:0,renddet:svg.us,siq:32%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e6fa:3600:606c:fea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:07 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C03 43 B
216 B 404ms
116ms Image
image/gif 2600:1f18:1aca:4281:e6fa:3600:606c:fea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=d1d7f582-3edd-896e-b85d-dedb1585aced&tv=%7Bc:rHQM8k,pingTime:-6,time:84,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:84,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTls8zS+11%7C12%7C13%7C14*.1475223-71249294%7C141%7C142%7C151%7C152%7C161%7C171%7C1811%7C1812%7C1911%7C1912%7C1913%7C19141%7C1a%7C1b,idMap:14*,rmeas:1,rend:0,renddet:svg.us,siq:32%7D&tpiLookup=ao:app.tweakdoor.com*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e6fa:3600:606c:fea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:07 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 all
csm.eu.criteo.net/ Frame 9CD7 0
127 B 47ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 21 Oct 2023 17:59:06 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C03 43 B
215 B 399ms
117ms Image
image/gif 2600:1f18:1aca:4281:e6fa:3600:606c:fea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=d1d7f582-3edd-896e-b85d-dedb1585aced&tv=%7Bc:rHQM8w,pingTime:-2,time:96,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2495,beZ:2496,mfA:2500,cmA:2502,inA:2502,inZ:2508,prA:2508,prZ:2518,si:2526,poA:2528,poZ:2562,cmZ:2562,mfZ:2562,loA:2579,loZ:2584,ltA:2591,ltZ:2591%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:96,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B86~0%5D,as:%5B86~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTls8zS+11%7C12%7C13%7C14*.1475223-71249294%7C141%7C142%7C151%7C152%7C161%7C171%7C1811%7C1812%7C1911%7C1912%7C1913%7C19141%7C1a%7C1b,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:32,sinceFw:62,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e6fa:3600:606c:fea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:07 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A5F 0
0 125ms
124ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNnlHZ2y0fIe0vnAl6PrXqkJT1Iy7kCA1DK-C9YTwwUO1kBoNLIaq1OXg-fU71LqMFszF4-yoXi3MQ8nqGmTcRsyidhNPUzh3moWGREaz0w_KoQnkws75pqlRYm-H1HJICMmn1SCa7lpwW0_IqMqxKn41Z_e9JTC0GZEiMWfJe&sai=AMfl-YRFupIf_X7VPig3K6oRCyWKzBMSEk0rztrsIUS0rEX9tDnmYcbpIfZK5PXQ2uzAQSDIbSoNzRtw4KoWRjQ3szxzQg1doMBfPhk3uA&sig=Cg0ArKJSzJbSi2QftGwUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=827&vt=11&dtpt=824&dett=2&cstd=0&cisv=r20231017.52446&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/1958139614455648090/ Frame 05E0 6 KB
2 KB 37ms
32ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1958139614455648090/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e78efe21cf931791491042ffe7359deb5d9c3ef8bdd85423b9a3b007f3370d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 455196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2278
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 11:32:31 GMT
expires: Tue, 15 Oct 2024 11:32:31 GMT
last-modified: Tue, 09 May 2023 14:24:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C03 0
0 84ms
82ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMaEKFgYNSzbO5O1RPGge4amS1RE5Of7pbAx563A5sbyq03G4LL0fg2uuiijm17CiuGbkQrMVBzTBwSSPEPXsegG1_hh8noEkGX1C6Bdkz6Bfm1v7bo8m3ARWB1_jYtCJOgICrUlPSrVzlsZIcDh_H9kevxpQ6T4jwI_fp72ow3C_Y7CmaG8QBLFoZzalYHhi8nfQGoEm9sKqczIUMy_MejrsDwgs3XaIHvVaJ-rpTlVoPDp-gn59TZcM1_3C9s9pSApKiwUOqhtdPBcRP1qtnJ2ddmcCKX9Z1vNkD5qPz0zr0VWHGNS6W9M09TIAYCu_ZIWanK9C8WxfV5c0RmPSnNWkBQbHITbvVwDy53ienOXi5XgQ1VqWs0tpsYVA7Qf40NUHQttlZ9Ngv1oWpuPS_pcUD1NHA3PRYP5Dmvi7nqEgBy9IM_mDPBGi3hvHRQypCkwy-uUo2lB2sP3dfV6Lp8dUHVxPKz1Wzci1xonXfX9CE7dQduoC9c6L2KKxt4DG7AuD8T1fMkDMHxLgew5cC2NSXRgdrIxKvD-TLLG5qTPODAXqXJE_SsWfbJfoKbFyrDz376koXoQD7niA2igQywAZ8ZPPnMnGrnVbEcnXamarbSEtOyr35UU08EPCW3EYUCyx60dP_SiJFBIN58-C745zjZKhu5h4B3jfDj8vbml5vYFxAcfuBI_L7_5xAXdHrLhDJZAZV5jgZ1wFl6B0SOKwOZ4U9OeIn2184MIdqrGpmoDUl-ICfYUkUtU3lqJ7oDKptIZ4o4iHB_X6z98qjooGIIZEi8nkCMesahetvo0Tx9A1bfycTdkZC0uaN8PxmGYiQzU4ywkxykw9p_DB3Pr3KeW09QfQEyvUJYpag-dX7yyXeOsJyXNfde6GUFU_DVtqilXU9yZVQV1oXzCHiEXWC_5GMH5R4AMONLBfzMHeNJ2mdTTdwy7-mdc_IdbxCuMLsFpN5QpXiKjOrsMNdAoV0T4pHbnqETNLPg_o1fYaU_Z5kp5aMBXGmWyw47YBJKZuXri4aGYMhivHhZkNi5wFrD-FWB_n_Rs2rDOU0RA7OEk7Tq39zb7OF6uf4abw9Rj71Kw1kqqQf6nR-seWms--AMuf5YPDzkT_pySkoRGbGFzOxfxxiI1LeL2_5S5mb8tBcEHIuB4qhTX3kD-4GoFzAbXongc9lfUwaY7aDtQWj3zrdL4-pJ7pYpJ3V0coNLNIaehOW4KjYOqmYnbfwtYT33VGTJns-nLEHM-Iw798rqUUajJzgL51FIiff6uvn5rSOW7bdpUmkykujOCtGO5fDGym_BfOJvpyRkOQsfk8SyShF&sai=AMfl-YQk9jbDlsyUwWHbWlS4NOGsW8jhWUhpUug5vFMQvA8x3a0jBhrJ9iNpeAuFRICetmTsGExayH9F3Hb9zImykr7zHObVddpkCci2GFFah-jn_VYu185JIBzfKOUgJTLio-tFYlBJtLSfC5yiLg1dq1RMUOc1p-Xf20IaYgQ2tJfKaxLzIMNtQTGoEY8kyrPD7RuhbPLK8wDFz1hRfxHtcedG2Tus0QvxXdxRCWgunkbUEWL419L53l0_8OhOW5K6kDxJ80ViVpNv2dKq4CiUVKzPc3PxXECp&sig=Cg0ArKJSzB8X3FFuqMTWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=718&cbvp=1&cstd=712&cisv=r20231011.57258&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 21 Oct 2023 17:59:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A0CB 0
20 B 186ms
181ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUUwoahE0ZYu1DcSdjuwPjeWqkA4AAAAAOAHgBAI&bg=!9vWl9brNAAY5nEQaGZw7ADQBe5WfOJLOEouOblBcve0oT9dZ2XvwF5x-7reyoyRd_Ua9dPKzU6tsDQkNkYiYf6iROCs2AgAAAYJSAAAABGgBB5kDDfMrRxbQYnImPXryxQ_D5W8jwioaoWrcRktMjqznMsjHcbb6qjG9SzuxmH2XHamYVBQiTZua1ObOL2SQ1Dog19TQ8g5wvtZkYlhJvfHl2giNIGv9klMW217IpL90xluwyMm9wUwVA8qvdK3zDAYnddWlsw-kIpqJAX2TKxu86Z3q4iLz7DXv_NvT_hVnOFYXvtqj1v5_z2F5SwWU-gLtwXFtSAIcvBj8ZvibDaP8z2NOnQ42eUBHPcJ7BKRLGt8zOW9ix6kdTA_iPsXOdlIRmCymtqb4rZs9jQvXBTVRheduajsq0Ov4XLDr_pq3M4Asc4WgjsVJgRdMQK07kzFFfQqWDKdnVUcXKsl2q2p855Xh1JE8EafZx2jqJYRM-eu7z3_pK_QZyp2MUXrYyNu4mHRpPSv6LZ7piTwKTGxoe3bxlVzfbkAvlTzQ3BvkKmOOBSlLQSeTB7TrXPCbR9xvHLojOxnTGnA7a6M0xPjY2PJNBjGPSeJcVXsZPd87zsiNj7KcrvshZgDK9qBWSgX836-Y5xGapqkclerArhHfoh8Hakn8OYqf1nYRL_b4Oxi1Em1dTARWYN_Xg8b4VSKN2SMrakPy_Z8aaNUFhlZWjTMOXKetn6M1f2lIjSBzWTONolCTWNVMk8kP76x0SAUscwPe7TbJguu5bi5PWxvt02pjTZgGLruTSAImsEvpz_49ZPZiIu_UbWShpZPp2ZGH0qnV2rh9o-gXwoGouxHafkIoM4bbQkCxGZukfJsSM3A02Az8iWZKOZZVPcrYKK5GcmZYF0h9yvIxa9re95izo1xJRdpwhw0_MqDvuqwJbkiba6Lyoy4FTEIOSM2pE2oaJxwZiDEzp031zGgefp-uDZNgWATrwOgcz8EViB--BZu4Qu0DIkkz6VBkj7yxKLNpvpQjC35X_SlwGSRO5nXqKGYRwiAxDBdpLvBecRplb90u36bIw0L1U5OiWPZy1Uq5QAv-sov6TpLLA8DNBm5niDL7qHY7ztFoenS_v3ijHq-4Ijd7H_rDsNYpsk_E1DY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 05E0 236 KB
63 KB 146ms
38ms Script
text/javascript 2a02:26f0:780::210:a408
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1958139614455648090/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:780::210:a408 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:07 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sat, 21 Oct 2023 18:14:07 GMT

GET
H2 200 index.js Show response
s0.2mdn.net/sadbundle/1958139614455648090/ Frame 05E0 196 KB
35 KB 34ms
31ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1958139614455648090/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1958139614455648090/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

526d68fb606b8001282ab510de99ce8c750e2a38377653b00a1dc55ac6e50bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1958139614455648090/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57354
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35354
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:24:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Oct 2024 02:03:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCCA 0
20 B 174ms
173ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqzsZahE0ZYv2EqqyjuwPz4WLkAkAAAAAOAHgBAI&bg=!aWqlaiXNAAY5nEQaGZw7ADQBe5WfOAt2T229gIg5GWt1mrFomEc16PRMppLbrLkX1JBNYr-abSuJZaI0vrAHNnaedfXZAgAAARdSAAAAA2gBB5kC3X5bck-RrzTD1IOzda6cOCxIfP40aV1QQo19BkCqc8W-SMse12cQzZUBv1j1NBAOicLJ6w0bdkfTWjmxAD_lz4lHIEt5vD2OOvjI-tArk9dZ6mmt1TVxhwm1rZqbjOtLC9uKeHAl-60hjeTvVi_KFU01vIixDNZDQXoLYj5ZT7wvyCTZWloKn7jvMY57Or2auPyHKy1WMTP2OxhHyqlp8WQr6IrGOs64uS2XTDqWQ1Bm12GNZ3_7f8f12ayqagLk-bGytYf-1NJYUtYgC1D3aF-4ptxg-dfkK4qoE9dXs2OJkvNrUj5W1qfq7a3UFJbuba1uVuUY5fHJasOEy2P5Rvp1ce8rW-vjSJe1XukjAu47KE-iVbPkJ-nvW-PA_c47HxtyUCGk8c54FguTjZXH0pVCrGvWqTd4lQ4_y2ehgSUrVVMJZNvXRG59tykw9nWnJ0xgP_2DnHwMyQFJGNZlE30HatIdKu0Y91gdpEVmQonfTLOhAL-B36vpJ8r8JV9Ucj8cg4EPyJGYDIBpnlWOTX4SDEZNmlTlJRt1MxK62Mn_2i_GMijAB4waWsaGYLE-OSpLxhnbG4_fADgkBCUAXQFO1y0QHjJdeatVeAt7SNNd23QnpoIB61mOEda9aGpd9c5gU4BRtLcLEMAfvqOyCkf5Q5uddVLtlMmejM7rseWog9aBkF753tOnGgaHud8o8Z1RUAovyPukw6ucufPFA9ouRTrDEEOpCpY2-4OjW18mD4WQMh8Bimy_zWoRJ1cCcE2yJUMAajb7pYZuOT2u8Lesazh-3fiL0qMbpq3aHoOpwcLl54kMOjTGSK5vhLHpXr3PLaqie4Uz_5wWmjgXtITtwPTzWShd49mJzMDtdd_yjljhFyITrOHVL-eoM-3Gg6iXg6gxfckou7SSI72iYD0hU74avEpmLfVvqA9R60ZjJOppWcocl3EADXRiyxDC3j1dytzNQ-iFTdEE5jM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C03 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4281:e6fa:3600:606c:fea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=d1d7f582-3edd-896e-b85d-dedb1585aced&tv=%7Bc:rHQMfU,pingTime:-10,time:554,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697911147466%7C%7Cc6575cb9c276de754db803e9116a88e0%7C%7Cafe098ab9930c31009b81b3a08e6b29a%7C%7C97d30976a63094bf13280cd54a3fc29a%7C%7C29b87986c7695226ee4bb26820ceef96%7C%7C9ff5194cf045f0c71e8d3b3bc5bbafb1%7C%7Cf6fa0120ea386163c32dce52e0826426%7C%7C0d411fd10e1a2493f5cccc84f4fc5e1c%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e6fa:3600:606c:fea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:07 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/1958139614455648090/images/ Frame 05E0 110 KB
110 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1958139614455648090/images/index_atlas_NP_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73326d953dc613cca8f5b66beb19ca57158477825bb555139dfa24b80e100c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1958139614455648090/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 19:44:37 GMT
x-content-type-options: nosniff
age: 80070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113047
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:24:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Oct 2024 19:44:37 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C03 0
0 164ms
163ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMaEKFgYNSzbO5O1RPGge4amS1RE5Of7pbAx563A5sbyq03G4LL0fg2uuiijm17CiuGbkQrMVBzTBwSSPEPXsegG1_hh8noEkGX1C6Bdkz6Bfm1v7bo8m3ARWB1_jYtCJOgICrUlPSrVzlsZIcDh_H9kevxpQ6T4jwI_fp72ow3C_Y7CmaG8QBLFoZzalYHhi8nfQGoEm9sKqczIUMy_MejrsDwgs3XaIHvVaJ-rpTlVoPDp-gn59TZcM1_3C9s9pSApKiwUOqhtdPBcRP1qtnJ2ddmcCKX9Z1vNkD5qPz0zr0VWHGNS6W9M09TIAYCu_ZIWanK9C8WxfV5c0RmPSnNWkBQbHITbvVwDy53ienOXi5XgQ1VqWs0tpsYVA7Qf40NUHQttlZ9Ngv1oWpuPS_pcUD1NHA3PRYP5Dmvi7nqEgBy9IM_mDPBGi3hvHRQypCkwy-uUo2lB2sP3dfV6Lp8dUHVxPKz1Wzci1xonXfX9CE7dQduoC9c6L2KKxt4DG7AuD8T1fMkDMHxLgew5cC2NSXRgdrIxKvD-TLLG5qTPODAXqXJE_SsWfbJfoKbFyrDz376koXoQD7niA2igQywAZ8ZPPnMnGrnVbEcnXamarbSEtOyr35UU08EPCW3EYUCyx60dP_SiJFBIN58-C745zjZKhu5h4B3jfDj8vbml5vYFxAcfuBI_L7_5xAXdHrLhDJZAZV5jgZ1wFl6B0SOKwOZ4U9OeIn2184MIdqrGpmoDUl-ICfYUkUtU3lqJ7oDKptIZ4o4iHB_X6z98qjooGIIZEi8nkCMesahetvo0Tx9A1bfycTdkZC0uaN8PxmGYiQzU4ywkxykw9p_DB3Pr3KeW09QfQEyvUJYpag-dX7yyXeOsJyXNfde6GUFU_DVtqilXU9yZVQV1oXzCHiEXWC_5GMH5R4AMONLBfzMHeNJ2mdTTdwy7-mdc_IdbxCuMLsFpN5QpXiKjOrsMNdAoV0T4pHbnqETNLPg_o1fYaU_Z5kp5aMBXGmWyw47YBJKZuXri4aGYMhivHhZkNi5wFrD-FWB_n_Rs2rDOU0RA7OEk7Tq39zb7OF6uf4abw9Rj71Kw1kqqQf6nR-seWms--AMuf5YPDzkT_pySkoRGbGFzOxfxxiI1LeL2_5S5mb8tBcEHIuB4qhTX3kD-4GoFzAbXongc9lfUwaY7aDtQWj3zrdL4-pJ7pYpJ3V0coNLNIaehOW4KjYOqmYnbfwtYT33VGTJns-nLEHM-Iw798rqUUajJzgL51FIiff6uvn5rSOW7bdpUmkykujOCtGO5fDGym_BfOJvpyRkOQsfk8SyShF&sai=AMfl-YQk9jbDlsyUwWHbWlS4NOGsW8jhWUhpUug5vFMQvA8x3a0jBhrJ9iNpeAuFRICetmTsGExayH9F3Hb9zImykr7zHObVddpkCci2GFFah-jn_VYu185JIBzfKOUgJTLio-tFYlBJtLSfC5yiLg1dq1RMUOc1p-Xf20IaYgQ2tJfKaxLzIMNtQTGoEY8kyrPD7RuhbPLK8wDFz1hRfxHtcedG2Tus0QvxXdxRCWgunkbUEWL419L53l0_8OhOW5K6kDxJ80ViVpNv2dKq4CiUVKzPc3PxXECp&sig=Cg0ArKJSzB8X3FFuqMTWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=996&vt=11&dtpt=278&dett=3&cstd=712&cisv=r20231011.57258&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 9B00 4 KB
632 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Oct 2023 17:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 17:32:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Oct 2023 17:59:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 9B00 2 KB
825 B 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 9B00 23 KB
9 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 9B00 3 KB
1 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 13:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 13:29:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 00AF 1 KB
645 B 39ms
36ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 16:21:57 GMT
etag: 48472445140208031
expires: Sun, 22 Oct 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 9B00 20 KB
8 KB 72ms
69ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 00:02:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9B00 0
0 261ms
259ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUzXtUPpvsC0BkDIlYWPIe7W5mYMt_XnPbg6OVBQjJnDr664-Tg1QJKW9AfaAN05aIKZE9FQ7NtfdVRzUiAZNA3gxQQw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B00 187 KB
59 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 17:59:07 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 9B00 35 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 00:02:34 GMT

GET
H3 200 14925628995499101128
tpc.googlesyndication.com/gpa_images/simgad/ Frame 9B00 18 KB
18 KB 72ms
68ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/14925628995499101128?w=300&h=300&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33d3888056a6f885987932f9b569d0cd2598587312275b829bb08ad11fbd3da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 08:20:39 GMT
x-content-type-options: nosniff
age: 380308
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18167
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 03:25:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 08:20:39 GMT

GET
H3 200 17233744730899932692
tpc.googlesyndication.com/gpa_images/simgad/ Frame 9B00 24 KB
24 KB 80ms
77ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/17233744730899932692

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29752f55d6581b3d4b0a8b103083de71b97565e773c52e346c244d95b17fc52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 04:49:25 GMT
x-content-type-options: nosniff
age: 47382
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24573
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:25:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 20 Oct 2024 04:49:25 GMT

GET
H3 200 10942227818775728265
tpc.googlesyndication.com/gpa_images/simgad/ Frame 9B00 20 KB
20 KB 55ms
52ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/10942227818775728265

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc736b6f581cc59860248419b8038c1ce4da33ee26e3339bb6d2a32f2a2fbadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:41:06 GMT
x-content-type-options: nosniff
age: 159481
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19971
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:33:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 18 Oct 2024 21:41:06 GMT

GET
H3 200 13107550762732987736
tpc.googlesyndication.com/gpa_images/simgad/ Frame 9B00 13 KB
13 KB 64ms
61ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/13107550762732987736

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1663be684f56f2cddccd78d421d39d5426652f6c8e5bc36803ce87b9dc7c89a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 22:25:49 GMT
x-content-type-options: nosniff
age: 588798
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13669
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:58:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Oct 2024 22:25:49 GMT

GET
H3

200

2229373788544933868
tpc.googlesyndication.com/simgad/ Frame 9B00
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDvo8efShCwCRiwCTIIQXBm2uX5Tvs
https://tpc.googlesyndication.com/simgad/2229373788544933868

614 KB
615 KB

36ms
35ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2229373788544933868

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b9e5fb4b39f77b95f21d1c119e5ff8016a14737012ee17f4d12102cf02ae2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:40:53 GMT
x-content-type-options: nosniff
age: 177494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 629227
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 03:01:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 18 Oct 2024 16:40:53 GMT

Redirect headers

date: Sat, 21 Oct 2023 16:13:05 GMT
x-content-type-options: nosniff
server: cafe
age: 6362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2229373788544933868
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Nov 2023 16:13:05 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C03 43 B
215 B 507ms
504ms Image
image/gif 2600:1f18:1aca:4281:e6fa:3600:606c:fea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=d1d7f582-3edd-896e-b85d-dedb1585aced&tv=%7Bc:rHQMhl,time:643,type:e,im:%7Bpci:%7Btdr:564%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:644,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B634~0%5D,as:%5B331~0.0,303~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:444,fm:tTls8zS+11%7C12%7C13%7C14*.1475223-71249294%7C141%7C142%7C151%7C152%7C161%7C171%7C1811%7C1812%7C1911%7C1912%7C1913%7C19141%7C1a%7C1b,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:32,sis:222%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=600&slotname=2168616157&adk=4202454054&adf=1788474492&pi=t.ma~as.2168616157&w=300&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=300x600&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rh=250&rw=300&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144401&bpp=9&bdt=1154&idt=9&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=570&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lQCaf9Tobt&p=https%3A//app.tweakdoor.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e6fa:3600:606c:fea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00AF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJkcg7rLaK9qTCWR7trXbig&google_push=AXcoOmQAdHnJSfCEyO7QhxkCUIPHI0q6Bn-d9N6iAPrZAunObeRqByNnub...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJkcg7rLaK9qTCWR7trXbig&google_push=AXcoOmQAdHnJSfCEyO7QhxkCUIPHI0q6Bn-d9N6iAPrZAunObeRqByNnubu_3i_iOnuSm0dtD5HkgtQHxiRiYxmHOn4x2LFUlU-INcI

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230130-FRA
pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1697911149.772058,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJkcg7rLaK9qTCWR7trXbig&google_push=AXcoOmQAdHnJSfCEyO7QhxkCUIPHI0q6Bn-d9N6iAPrZAunObeRqByNnubu_3i_iOnuSm0dtD5HkgtQHxiRiYxmHOn4x2LFUlU-INcI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00AF
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELRjSwv3qR-GRh5hYJfLg4M&google_cver=1&google_push=AXcoOmTxLh3bZXk2EXh-Z9nqhhS9LS7iXZzuaTxWNZLf9zyJqCESXnTUS1-3NessduEgvKqo03mQfyDcky-ZgZtCLBy9MGqPHKY1FeQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4F1D2486DE24D9E9346A06CB1E16A9A&google_push=AXcoOmTxLh3bZXk2EXh-Z9nqhhS9LS7iXZzuaTxWNZLf9zyJqCESXnTUS1-3NessduEgvKqo03mQfyDcky-ZgZt...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4F1D2486DE24D9E9346A06CB1E16A9A&google_push=AXcoOmTxLh3bZXk2EXh-Z9nqhhS9LS7iXZzuaTxWNZLf9zyJqCESXnTUS1-3NessduEgvKqo03mQfyDcky-ZgZtCLBy9MGqPHKY1FeQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 21 Oct 2023 17:59:08 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4F1D2486DE24D9E9346A06CB1E16A9A&google_push=AXcoOmTxLh3bZXk2EXh-Z9nqhhS9LS7iXZzuaTxWNZLf9zyJqCESXnTUS1-3NessduEgvKqo03mQfyDcky-ZgZtCLBy9MGqPHKY1FeQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 20 Oct 2023 17:59:08 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 00AF 70 B
149 B 508ms
143ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKr0F6z0tyH6gcDfVKkfCN0&google_cver=1&google_push=AXcoOmQnNBvhSRz-DWv9dbvr3-YsDJHCaAvL6sWXVT7FJXX7tEbfZcy0Elmhqfym8oyerGu9LMKQcObg_nIR5Ycwmt5Qt1gO4kXMxHM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:08 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00AF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAMU0d5Aht08UMZBpnFP1lY&google_cver=1&google_push=AXcoOmR_kLQee2pq_bci_so70CPIV9ptkVlytnZwkBbn57sk3UMWv_FwN7OTmnMUtLHJUvMkW20DtIvgnQVSiau_...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=N8F2fy8VTR8hQtPhH56awA&google_push=AXcoOmR_kLQee2pq_bci_so70CPIV9ptkVlytnZwkBbn57sk3UMWv_FwN7OTmnMUtLHJUvMkW20DtIvgnQVSiau_0o0Hggh7doDsWXs

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=N8F2fy8VTR8hQtPhH56awA&google_push=AXcoOmR_kLQee2pq_bci_so70CPIV9ptkVlytnZwkBbn57sk3UMWv_FwN7OTmnMUtLHJUvMkW20DtIvgnQVSiau_0o0Hggh7doDsWXs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 21 Oct 2023 17:59:08 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=N8F2fy8VTR8hQtPhH56awA&google_push=AXcoOmR_kLQee2pq_bci_so70CPIV9ptkVlytnZwkBbn57sk3UMWv_FwN7OTmnMUtLHJUvMkW20DtIvgnQVSiau_0o0Hggh7doDsWXs
x-host: tde-deliveryengine-production-7595df5684-zv2bj
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 00AF 43 B
146 B 603ms
260ms Image
image/gif 18.158.97.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN_Er8PMgjI71UcjlnnX8vg&google_cver=1&google_push=AXcoOmQWhPSCKQacN388uboixvRQodsft5F6oMXCy3f0XDxl2IHZvnp_AzUw4UoBiIwM0ObGJvgwQOGUq9oBNBN_yX17onzEOFiwnQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.97.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-97-142.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 00AF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEChefHzrQT8LfCIoY17H7O8&google_cver=1&google_push=AXcoOmSBTev93UZ_goGtWuvJwcwprnGKabZET8gdU1bNwlULXc4KYhIjBjcgVHJkm7lSKGiPGi_AVmFiEf4SA8u6OXVmKLU...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBTev93UZ_goGtWuvJwcwprnGKabZET8gdU1bNwlULXc4KYhIjBjcgVHJkm7lSKGiPGi_AVmFiEf4SA8u6OXVmKLULtLfynpk&google_hm=eS1VZjdGSG45RTJwRlh...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBTev93UZ_goGtWuvJwcwprnGKabZET8gdU1bNwlULXc4KYhIjBjcgVHJkm7lSKGiPGi_AVmFiEf4SA8u6OXVmKLULtLfynpk&google_hm=eS1VZjdGSG45RTJwRlhPNkx0Q05Ia0RiSmRvdnV4TlVla35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 21 Oct 2023 17:59:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSBTev93UZ_goGtWuvJwcwprnGKabZET8gdU1bNwlULXc4KYhIjBjcgVHJkm7lSKGiPGi_AVmFiEf4SA8u6OXVmKLULtLfynpk&google_hm=eS1VZjdGSG45RTJwRlhPNkx0Q05Ia0RiSmRvdnV4TlVla35B
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 00AF
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIIIBmmVdgjX...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT045dCU3azT58wMzpXjzh8gLSB0BHYBXV33bNb7oO2AjZmrFxt87_sjf4BaGCn1noTVcmRL0OwAG5Djwq59isUqs6YSnhAi127
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

63ms
63ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 21 Oct 2023 17:59:08 GMT
pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 00AF 0
12 B 38ms
35ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8EqZN6ahECDWK2lCiB0KBcaj6M9NaP2Skgy8pPvbeaYTjLowNZT3a-5pmwoMAasKw-DYQsA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9B00 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d737504780d7cfaa5b8cbd509b649d3dd8efdb6cef4da6226bc19bd2497ff30d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9B00 21 KB
21 KB 792ms
790ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 05:15:19 GMT
x-content-type-options: nosniff
age: 45829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 05:15:19 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9B00 20 KB
20 KB 798ms
798ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:55:59 GMT
x-content-type-options: nosniff
age: 169389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:55:59 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9B00
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBT05ahE0ZZTQLOili9YPwcm28Afbp-_0cPzxvcyqD7aAxoveLRABIP382yhglYKAgJgHoAHQp-maAcgBCakCNcXA-RhZgj6oAwHIA8sEqgTSAU_QYySDJnlH0a6czFVY_CvTizDx6ls7tze...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212914078783244813943%22,%22debug_reporting%22:true,%22destination%22:%22https://vigoo.fun%22,%22event_report_window%22:%22...

0
0

107ms
58ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212914078783244813943%22,%22debug_reporting%22:true,%22destination%22:%22https://vigoo.fun%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22324686800%22],%224%22:[%2210-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212231789442714154689%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:08 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12914078783244813943","debug_reporting":true,"destination":"https://vigoo.fun","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["324686800"],"4":["10-21"],"6":["true"]},"priority":"500","source_event_id":"12231789442714154689"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 21 Oct 2023 17:59:08 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 21 Oct 2023 17:59:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12914078783244813943","debug_reporting":true,"destination":"https://vigoo.fun","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["324686800"],"4":["10-21"],"6":["true"]},"priority":"500","source_event_id":"12231789442714154689"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 356ms
57ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 21 Oct 2023 17:59:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 74EC 694 B
731 B 176ms
49ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=1771&ttfrms=33&brid=3&brver=118.0.5993.88&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau2AA%5DEH62%3C5%40%40C%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau2AA%5DEH62%3C5%40%40C%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1697911148147115&jsCallback=dvCallback_1697911148147433&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4826&tgjsver=4826&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231017%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&fcifrms=11&brh=2&dvp_epl=254&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://app.tweakdoor.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0i4OGzC22M13cbfqMrqLNGO&DVP_DBM_1=3060631&DVP_DBM_2=24779292&DVP_DBM_3=15170489244&DVP_DBM_4=396484704&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=762280502321&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1549631223.5288422&ee_dp_sukv=1549631223.5288422&dvp_tukv=3461271793.1430078&ee_dp_tukv=3461271793.1430078&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1493552877048&jurtd=595769393
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4826.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 9f4a85e92fc17e8f42efbf8eb14926350d2ba84f80487df41b23444e6fd9c1ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Oct 2023 17:59:08 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 10/20/2023 17:59:08

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C03 42 B
174 B 174ms
174ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnOrsCpvKHJJXkuETXtA34qTS7IFD9ILFqDyEdoFaJG3-ZLpqnrlBj4SzvPhYns8tdPi8Qj2g3pqA6txwJnxmgzQBsO6svTKtCNv6HFV2BcX6TEqIZ39CWPExbX98bw_squh0_MOYg3o3z&sai=AMfl-YRUGG6y_ZSxCMdrh5HpxZkKh7FsskYXcMLYEe8UipE5wY8D-sRMsJsQd-eIPDMb20iyPX8n6h1T9V_DNvbOvEPUNqJn1wYvp56HHbYUIPUR5bRPbCpSHV7AFIEvG4CzE37-nbQuUOmpTAGy&sig=Cg0ArKJSzOQ-zewX1Si8EAE&cid=CAQSSwDICaaNVg1FOblD6OtKT4Z67hHwgRkEpcOeWjc3AmWQDJs4_ibLar1gTuZ07bbbiWr53TaQWN3RTbtEy6KsOsktHjzSHFfwruvFghgB&id=lidar2&mcvt=1080&p=0,259,40,300&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4202454054&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697911144417&rpt=2166&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
75ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231017&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b427a1ba226fb916ed4e3758e90618907d5bce72ae40f5685d07e1366f9eaf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12143
x-xss-protection: 0

POST
H2 200 custom Show response
glimtors.net/ 39 B
332 B 39ms
38ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glimtors.net/custom

Requested by

Host: app.tweakdoor.com
URL: https://app.tweakdoor.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.tweakdoor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: a092ac89e481932e15fb2cf7d8ebabc3
date: Sat, 21 Oct 2023 17:59:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.tweakdoor.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
glimtors.net/ Frame 0
0 45ms
44ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.tweakdoor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.tweakdoor.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 21 Oct 2023 17:59:08 GMT
server: nginx

GET
H3 200 bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0FF4 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bayETfq4HL4Qbl6P83pP1ivZXxE5tn3HbmJLdmK2sBk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=4152953509&adf=2922008850&pi=t.ma~as.2168616157&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911146606&bpp=1&bdt=3359&idt=1&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc259a2a3d852fd49%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug&gpic=UID%3D00000cbe26fd8989%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A&prev_fmts=0x0%2C300x600%2C728x280%2C1200x280%2C1200x280%2C1600x1200%2C728x90&nras=3&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&psts=AOrYGskvSYS2SoQ0RB1Wj1eKMmVo5-nLLPcC5u09RZCY6gOiIbc5sH59hQv0ONPa5lTSuFhe45J3BNOwV17p%2CAOrYGslJgKapC6njflJyiuSTBxpodOIvUU1A1vMYlv06aDg8SvrsqaaiLt_sbO7wvGq0TSwdzZd_GvPcNTqM%2CAOrYGskUNy8Rc3CPa9yJ_HJgJnvFnhFf31h8StyOHI0JJquRnwhBJ4sAUxv_o8PCvc8dnjLmxupeeEx-z29UtQ5_746CnDhP&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEebr%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=QTZtyNdQvP&p=https%3A//app.tweakdoor.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14519
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:28 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 17:59:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 32ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-138QWYX9BN&gtm=45je3ai0&_p=1432763673&cid=1774317112.1697911144&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697911143&sct=1&seg=0&dl=https%3A%2F%2Fapp.tweakdoor.com%2F&dt=Tweakdoor&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-138QWYX9BN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.tweakdoor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED97 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 13:30:58 GMT
expires: Sun, 20 Oct 2024 13:30:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0921 829 B
559 B 35ms
34ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

71c664e82215788eb3a2d81a33bf0021283c0092ab5ac1349b1aea2350386d34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-drGjri9ooP8RXZcsh0HFlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.tweakdoor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-drGjri9ooP8RXZcsh0HFlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 17:59:08 GMT
expires: Sat, 21 Oct 2023 17:59:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 473C 42 B
66 B 173ms
173ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKxfM2TEe0CWekJXzw-S1QW8RPpXH2P9Tq7BfltdUU4XiGKZCNsViiatycUaEG-raJKk2Grbzj1rReHFva2w4gfFHyFKxbpmngopju06oVn0sMTrX5j8I2mu71_WgrhGDThAIWEw1x1GnR&sai=AMfl-YQ1zV5qpJ_XoGpxA86ssu67XISFYTh-2z48G9XCYLtVSN9tJe38LUg3UdfObJRsCPkW1YhdZtCKNJOUmvkkwTpunEs2ZD3u_O04YuNZKI2d_24AK17UxJ9X60-03rG3NNjfQZLHdiePrMfN&sig=Cg0ArKJSzEdlKy5N7e5BEAE&cid=CAQSSwDICaaN0S0-pseKODxwVF6aRNA4sgwX_rC4Cnzx6pN-l_vyUymmUiKspfeQi_D1YW6VU0S84xXrM3eXOTHRgVC3F2ugon7HMgZpdxgB&id=lidarv&acvw=sv%3D958%26v%3D20231011%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D2003,0,0,0,0%26mtos%3D2003,2003,2003,2003,2003%26amtos%3D0,0,0,0,0%26mcvt%3D2003%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2255%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D253%26dur%3D15018%26vmtime%3D2284%26dtos%3D2003%26dtoss%3D1%26dvs%3D2003%26dfvs%3D2003%26dvpt%3D2255%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D789003453%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2003&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1697911146507

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0921 0
0 123ms
123ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231017&jk=4156988072324294&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js Show response
pagead2.googlesyndication.com/bg/ Frame ED97 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 11:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14703
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Oct 2024 11:24:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ED97 0
12 B 22ms
21ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?581H2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C03 0
22 B 164ms
164ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4658918700766&version=m202309260101&ct=76&x=1&cor=15604649558678325000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C03 43 B
215 B 116ms
116ms Image
image/gif 2600:1f18:1aca:4281:e6fa:3600:606c:fea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=d1d7f582-3edd-896e-b85d-dedb1585aced&tv=%7Bc:rHQMJU,pingTime:1,time:2414,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D,%7Br:r,w:300,h:600,t:341%7D,%7Bpiv:100,vs:i,r:,t:1412%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1412,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1403~0,0~100%5D,as:%5B331~0.0,1072~300.600%5D%7D%7D,%7Bsl:i,t:1412,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:510,fm:tTls8zS+11%7C12%7C13%7C14*.1475223-71249294%7C141%7C142%7C151%7C152%7C161%7C171%7C1811%7C1812%7C1911%7C1912%7C1913%7C19141%7C1a%7C1b,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:32,sis:222%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e6fa:3600:606c:fea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:09 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C03 43 B
215 B 117ms
117ms Image
image/gif 2600:1f18:1aca:4281:e6fa:3600:606c:fea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=d1d7f582-3edd-896e-b85d-dedb1585aced&tv=%7Bc:rHQMJV,pingTime:1,time:2415,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D,%7Br:r,w:300,h:600,t:341%7D,%7Bpiv:100,vs:i,r:,t:1412%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1412,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1403~0,0~100%5D,as:%5B331~0.0,1072~300.600%5D%7D%7D,%7Bsl:i,t:1412,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:510,fm:tTls8zS+11%7C12%7C13%7C14*.1475223-71249294%7C141%7C142%7C151%7C152%7C161%7C171%7C1811%7C1812%7C1911%7C1912%7C1913%7C19141%7C1a%7C1b,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:32,sis:222%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e6fa:3600:606c:fea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:09 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A5F 0
22 B 165ms
165ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5487038228252&version=m202309260101&ct=77&x=1&cor=8092193803626571000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 128ms
128ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231017&jk=4156988072324294&bg=!i4iliMfNAAbDUgby41I7ADQBe5WfONeQKj_t55UqI_YfM1-66bOTUPCO6S4ODO0ktRzN-prBOCIIHkfMUkjXsZv5KsarAgAAAIJSAAAACmgBBwoAd5xLjaHRk88X-uxKPoz6fjhqn3E-GYbDtc54gCOU17B1Ay2kFdNpsWD2i9Wq3Ustui9fzTUVM98pZSgdJHbXgbZt4qsoDzp9sJ9kskQlomhCbzsoVZIexzKOAZP3Tj8DpeNjXot8gz2ivSNsvYtbxK8YB84Pb6yamQK34HVVl-KcVQCLrd4rjvLYXKOSYVmDDQYxY7j5uNozgMEQ6MD7d57oU9JmX0VjS_DJPpI_5T3HcUl76FbsgqfjPBUGZUdw09D4SnGIPgj9HZTN036NPVv93-wi_a9RioCbgo0uN_TnaQ5XOv-hp8nvwhFH68DcCi0-FLZHXfHbHnmV5CnhiSfyOfb9N0St7K973TSSE8xQ0DHMnUufr4dOe2UzUnTljXQRIFK5QCgjRiAfdwYCCw2ALm78TDuvuP0eXjCt8uHpaaoES80TevOHabRUChKSiyNNEmKbZBeDeTrjus2dgVOvrb6ivbP1gPDmPB4yfVXAeRwrHTYGOXZQqY84d32xNb9J8N08LMA3OR9NPKmmmu4WWTJGOVpC5L3g642QoWjOceFtbT8BfJvdBdtTgoBicP6gVZnhEewDEKQpV8D0L_NPmdVMTcKo8_RgF0_i-Ly1pqLBJa_2OmaO8Kp7SFWCM1qGU83MaCk3oRN-tmHmuknuUT12gFqCmD5kO3b0yqKcOFyYWcd7rNK9X6BtrX9-yKOCP40jTsKQao_03pCrw6WRsG3Q9cYDwd-_B23VLLmr_LiW0UPZhmrisk7pUEYQYwp2ZMGfNMtU35YGq5f486nxOOzeE1pO3pa3i8_P9R0xNQmfL9uI04IX2N63Ns8N2EjO5uV-tZ0KluMGKq_lI-7Kw6-fSpCufVjRDvgYqFee6fnCJ-q7dysBYJWS0UbmCDHcx1opWAB9S9vl8v1HYZduGlCYp3BWC_r8Xx_RdubZz3Z6pEeOsCVCJbr05JE-f_l5LEOv_ekcf8sQElBC1K0J-h5rZrMPO9YINJlt07uFjeRIdUsaXzLCfxGgUyDDB50mq6fv2tfc7_BW6y9lLTZkWol0T1EOhh1oGxUlJx3Ppfb25f3wikZOL_IaOSsP-_A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.tweakdoor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 ft.stat
ad-events.flashtalking.com/ Frame 473C 0
66 B 41ms
38ms Image
text/plain 3.11.61.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/ft.stat?13539;189093;6688641;4438443;0;14;413617B0-4FE2-5DA6-89D8-E844D16B1D21;57726111DABE48;2046188777
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.61.157 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-61-157.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 17:59:10 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 204
No Content event.png
tpsc-video-eu.doubleverify.com/ Frame 473C 0
162 B 86ms
32ms Image
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-video-eu.doubleverify.com/event.png?vstevt=4&dup=b8438f09-ec3c-4245-9e8c-2d892c31c916
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 21 Oct 2023 17:59:10 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 2023-10-20T17:59:10

GET
H2 200 dc_oe=ChMI4JG89duHggMViobVCh0qTwf3EAAYACDS6otcQhMIuayF9duHggMVSRWtBh3WIw4B;met=1;acvw=sv%3D958%26v%3D20231011%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D3470,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 473C 42 B
107 B 71ms
69ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4JG89duHggMViobVCh0qTwf3EAAYACDS6otcQhMIuayF9duHggMVSRWtBh3WIw4B;met=1;acvw=sv%3D958%26v%3D20231011%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D3470,0,0,0,0%26mtos%3D3470,3470,3470,3470,3470%26amtos%3D0,0,0,0,0%26mcvt%3D3470%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3722%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D6%26pst%3D253%26dur%3D15018%26vmtime%3D3753%26dtos%3D1467%26dtoss%3D2%26dvs%3D1467%26dfvs%3D1467%26dvpt%3D1467%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3470,3470,3470,3470,3470%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D789003453%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3470;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1697911146507;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 473C 42 B
64 B 72ms
70ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CichnaBE0ZbnYIMmqtOUP1se4CMTlwOhwpbbs6qkRj8i-wM88EAEg_fzbKGCVgoCAmAegAYLk69ApyAEFqAMByAObBKoE9gFP0Np2tRA_IM67QiYVdgnRCmxQU_7ogmG5r4or7k1JIBw3duylCI7FRPfVxRtf29RVG_xK4oS4dAAxwcCkdlbKrTA8_cT_XlUvMs04Iu0SOftWZnsQRMkUnS1K67YVqsDSYTxFHNUqq_EFe78c_F1U0LiQP_hnWxeU9aMOmxC0YnB8F06Zdi0YVQg9I5gZfDJV8k3IvCQXCejSNkvwnQRyF4npB2Avo3VHX4iVrDhkXeaxUjDw5mXwHILfz4n-yjdwxp9tFDyck5kQU9k6IhHkcR3qL8ZZti8JMO_Rq02lvYqA3oIfpQN9lqxtio0-VXnNdgk_XHvABPnVl4arBOAEA4gFx8K3okuQBgGgBnmAB4KcvLAEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGiDAwqCgoI5LSxAu61sQKqDQJERbATvYGTFdATANgTDYgUAdgUAdAVAfgWAYAXAQ&sigh=6Wkt8lWjMwc&label=videoplaytime25&ad_mt=3754&acvw=sv%3D958%26v%3D20231011%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D3470,0,0,0,0%26mtos%3D3470,3470,3470,3470,3470%26amtos%3D0,0,0,0,0%26mcvt%3D3470%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3722%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D6%26pst%3D253%26dur%3D15018%26vmtime%3D3753%26dtos%3D1467%26dtoss%3D2%26dvs%3D1467%26dfvs%3D1467%26dvpt%3D1467%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3470,3470,3470,3470,3470%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D789003453%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3470&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1697911146507

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=2168616157&adk=925113182&adf=189457609&pi=t.ma~as.2168616157&w=728&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=728x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144422&bpp=7&bdt=1174&idt=7&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeoE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Rcwr77aTq1&p=https%3A//app.tweakdoor.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 74EC 0
308 B 83ms
31ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=d921007f77c944f5b0e32b9e6593d8c6&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&vdur=177&eoid=17&te_exec=0&msrjs=4826&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=26&msltms=1724&vltms=177&sei=289&vetms=7&tuviims=1805&tuviems=1989&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=264&msrcannum=2&ee_dp_tmads=2322&ismms=52&isumms=52&nvr=2&isgmmims=52&isgmv4mims=52&elmtp=4&isbxdms=2254&b0=2416&dvp_vsosnmr=3&lftb=2416&sftb=2416&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=52&dvp_dpr=1&vstsz=737&ee_dp_cvcmeeid=1&metp=1&meeid=1&dvp_itg=HEAD%3A1%2CMETA%3A6%2CSCRIPT%3A27%2CBODY%3A1%2CDIV%3A12%2CIMG%3A3%2CIFRAME%3A18%2CINS%3A1%2CA%3A1%2C&ttfurm=3221&cbust=1697911151339464
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4826.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Pragma: no-cache
Date: Sat, 21 Oct 2023 17:59:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-10-20T17:59:11

POST
H2 200 all
csm.eu.criteo.net/ Frame 9CD7 0
127 B 36ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 21 Oct 2023 17:59:11 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C03 43 B
215 B 117ms
116ms Image
image/gif 2600:1f18:1aca:4281:e6fa:3600:606c:fea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=d1d7f582-3edd-896e-b85d-dedb1585aced&tv=%7Bc:rHQNMp,pingTime:5,time:6413,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D,%7Br:r,w:300,h:600,t:341%7D,%7Bpiv:100,vs:i,r:,t:1412%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1412,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1403~0,0~100%5D,as:%5B331~0.0,1072~300.600%5D%7D%7D,%7Bsl:i,t:1412,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:121,fm:tTls8zS+11%7C12%7C13%7C14*.1475223-71249294%7C141%7C142%7C151%7C152%7C161%7C171%7C1811%7C1812%7C1911%7C1912%7C1913%7C19141%7C1a%7C1b,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:32,sis:222%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e6fa:3600:606c:fea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:13 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C03 43 B
215 B 116ms
116ms Image
image/gif 2600:1f18:1aca:4281:e6fa:3600:606c:fea
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=d1d7f582-3edd-896e-b85d-dedb1585aced&tv=%7Bc:rHQNMq,pingTime:5,time:6414,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D,%7Br:r,w:300,h:600,t:341%7D,%7Bpiv:100,vs:i,r:,t:1412%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1412,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1403~0,0~100%5D,as:%5B331~0.0,1072~300.600%5D%7D%7D,%7Bsl:i,t:1412,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:121,fm:tTls8zS+11%7C12%7C13%7C14*.1475223-71249294%7C141%7C142%7C151%7C152%7C161%7C171%7C1811%7C1812%7C1911%7C1912%7C1913%7C19141%7C1a%7C1b,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:32,sis:222%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:e6fa:3600:606c:fea Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 17:59:13 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tweakdoor.com/	1970-01-21 01:14:31	Name: _ga Value: GA1.1.1774317112.1697911144
.tweakdoor.com/	1970-01-21 01:14:31	Name: _ga_138QWYX9BN Value: GS1.1.1697911143.1.0.1697911143.0.0.0
my.rtmark.net/	1970-01-21 00:24:07	Name: ID Value: 21f632ce1730474cac9e2fef9375dd33
.doubleclick.net/	1970-01-21 01:00:07	Name: IDE Value: AHWqTUmYGSn_FXMA0yC9aNt0WSrKf1mK2JRYnucYtaFozsbDEGWfj4STSo9B77wc
.tweakdoor.com/	1970-01-21 01:00:07	Name: __gads Value: ID=c259a2a3d852fd49:T=1697911143:RT=1697911143:S=ALNI_MZjSmwruV6HpEExRjAnFnG2XMOiug
.tweakdoor.com/	1970-01-21 01:00:07	Name: __gpi Value: UID=00000cbe26fd8989:T=1697911143:RT=1697911143:S=ALNI_MaGVugrA3TaSE1NgpTlzBa-dmjY0A
.casalemedia.com/	1970-01-21 00:24:07	Name: CMID Value: ZTQRadIUW.vwFnOwNORGwgAA
.casalemedia.com/	1970-01-20 17:48:07	Name: CMPS Value: 3256
.casalemedia.com/	1970-01-20 17:48:07	Name: CMPRO Value: 3256
.doubleclick.net/	1970-01-20 19:57:43	Name: APC Value: AfxxVi642I2Kau4qtdUm6MdA2t1XWl0T9yeoM3clxWnDiQpAxsB8lg
.adnxs.com/	1970-01-20 17:48:07	Name: uuid2 Value: 3853659257715513946
.doubleclick.net/	1970-01-20 15:38:34	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 17:48:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?fpcuzC!]tbG8i_iqf!oN/@E'zz<Z0Q3@^eK?!5FDf#C8QDyzOfOzDKQgsy.Qd?+ETD._*PlZ[C[-kX-@y/w8
.yahoo.com/	1970-01-21 00:24:28	Name: A3 Value: d=AQABBGsRNGUCEG74j9O34aTM-AzIqSy07mEFEgEBAQFiNWU9ZQAAAAAA_eMAAA&S=AQAAAkSmgrRC7kY2mIbtJvG5ZHs
.simpli.fi/	1970-01-21 00:25:33	Name: suid Value: C4F1D2486DE24D9E9346A06CB1E16A9A
.travelaudience.com/	1970-01-21 01:10:11	Name: _tracker Value: %7B%22UUID%22%3A%2237C1767F-2F15-4D1F-2142-D3E11F9E9AC0%22%7D
.googleadservices.com/	1970-01-20 17:48:07	Name: ar_debug Value: 1
.everesttech.net/	1970-01-21 00:24:07	Name: everest_g_v2 Value: g_surferid~ZTQRbAAZnrPKIwAb

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://app.tweakdoor.com/(Line 90) Message: The Content Security Policy 'default-src * 'self' 'unsafe-inline' 'unsafe-eval' data: gap:' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://app.tweakdoor.com/sw.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.tweakdoor.com/i.imgur.com/avB6Liv.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4420332636058530&output=html&h=280&slotname=3365500179&adk=1522550357&adf=1154629289&pi=t.ma~as.3365500179&w=1200&fwrn=4&fwrnh=100&lmt=1697862016&rafmt=1&format=1200x280&url=https%3A%2F%2Fapp.tweakdoor.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697911144441&bpp=5&bdt=1193&idt=5&shv=r20231017&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7f2b3fd6b6e2da76-22f212a3a2e40084%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_Mbj-8lGRYm9Q5uP3EQssoUlfdrX-w&gpic=UID%3D00000c9ec4ff100c%3AT%3D1697911143%3ART%3D1697911143%3AS%3DALNI_MbE37a0IX1Bu78y-B4wieSQIiQOQA&prev_fmts=0x0%2C300x600%2C728x280&nras=1&correlator=7042892384599&frm=20&pv=1&ga_vid=1774317112.1697911144&ga_sid=1697911144&ga_hid=1432763673&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078297%2C31079012&oid=2&pvsid=4156988072324294&tmod=1560448766&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Kwt27huu6k&p=https%3A//app.tweakdoor.com&dtd=8 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v97.js(Line 91) Message: Unrecognized feature: 'attribution-reporting'.
security	warning	Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-events.flashtalking.com
ad.doubleclick.net
ade.googlesyndication.com
ads.eu.criteo.com
ads.travelaudience.com
ajax.googleapis.com
app.tweakdoor.com
bid.g.doubleclick.net
c8.alamy.com
cat.nl3.eu.criteo.com
cdn-icons-png.flaticon.com
cdn.doubleverify.com
cdn.flashtalking.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
csi.gstatic.com
csm.eu.criteo.net
d9.flashtalking.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
freelogopng.com
fw.adsafeprotected.com
glimtors.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
is.gd
match.adsrvr.org
my.rtmark.net
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
rtb0.doubleverify.com
s0.2mdn.net
secure.flashtalking.com
servedby.flashtalking.com
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
tpsc-video-eu.doubleverify.com
tweak-box.com
tweakdoor.com
um.simpli.fi
upload.wikimedia.org
vast.doubleverify.com
vtrk.doubleverify.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.26.193
104.18.36.54
130.211.44.5
139.45.195.8
139.45.197.251
142.250.181.226
142.250.184.194
142.250.185.130
142.250.185.194
142.250.185.230
15.197.193.217
151.101.194.49
178.250.1.6
18.158.97.142
18.239.94.84
2.18.96.37
2001:4860:4802:34::36
23.215.22.232
23.35.237.56
2600:1f18:1aca:4281:e6fa:3600:606c:fea
2600:9000:223f:cc00:8:48e:53c0:93a1
2606:4700:20::6819:ea35
2606:4700:20::681a:931
2606:4700:20::ac43:505c
2606:4700:4400::ac40:9111
2606:4700::6811:190e
2607:f8b0:4003:c13::5e
2a00:1450:4001:800::200a
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2002
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::c
2a02:26f0:3500:11::215:14c7
2a02:26f0:480:15::213:7e52
2a02:26f0:780::210:a408
2a02:4780:b:653:0:31a8:9fcf:2
2a02:ec80:300:ed1a::2:b
2a05:d018:d29:3605:baeb:931e:26a0:842
3.11.61.157
35.190.0.66
35.204.158.49
37.252.171.85
52.215.161.107
52.50.230.234
64.233.167.154
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02b2358ed6acbe593c7ad304fcfc368b8344f98ae7d49102813ab8933e45a06f
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
08277439bd8ce6ab955a823c410fd1ca6cf33dd8a9de077eee83adf5ee93e1fb
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09735b615fcc5fbd72e4ad459ecdd3f7bfe692116ca610cc7c2f55643a8bdc0b
0b427a1ba226fb916ed4e3758e90618907d5bce72ae40f5685d07e1366f9eaf8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d194c47c014866f7e78e81602c04dac8840ca3fbf232602600cf828b0fbae68
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
117fdee81c777adacc62e46a06ac440654f8f58de9310c2d20015171d747c198
1278f565487702818dce496de808a9b2fb55ecaca66837056c824dcd9a34c811
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1431fbd8664b1cd350cf989499340ecfcb9f5b3e47b2dff77199a35690dcc258
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1663be684f56f2cddccd78d421d39d5426652f6c8e5bc36803ce87b9dc7c89a6
16b40a62651e28eae2f9234392af7189b982b5cbe8ee5f5be1ef8cef962c5f22
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18bb59005ab0aedbd1ae6c65a0bccd81396823297b0259e22d3f9000c4bd4a7c
1b35c42f3d9c589a67ca5159d7f4973981ffbd6cc3aa20d50ab348086fca596f
1c911bb94bbb2d57c10fca554977b8aa060cdcf0eb7679694ae3fd02b3b37c36
1dbe87d3ed1f5baa5a88a6f37205712fc9d94ee19648fdfb6f6fc0dc8e1bb974
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ea09c52721547f05b07c5929fbf4d4ceec86d16d29bbc95b6ee2ae7650ad5b6
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20728ee8e0953a69f5b457ac7d724175795e0d51cddca219c2a7b1e5eefe5b59
238ff58a31efe3f345918878b077cdc6486289c38e473504968c7f72ced5aaaa
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
29752f55d6581b3d4b0a8b103083de71b97565e773c52e346c244d95b17fc52c
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b598ef394da87b61571ac9924b8a92bb888fbaa2b7c6815ec172fa34b01065
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
33d3888056a6f885987932f9b569d0cd2598587312275b829bb08ad11fbd3da7
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
417ae22e2baabe34deb1d7e2b2336607421772651f50123c58102eea49d340ae
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44c05b945531a2a5ec85d8337d10de51493ff8b396f5d8dda0ac3d5a85face4c
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
49309cd3accabc25ea196fe4466a8ae9de22e8e46ce56d64070cca31dc2f2802
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bb10fff463d3ba819f7754244c7dfb3afb0c85cb74adfdca55cf607cc66329
526d68fb606b8001282ab510de99ce8c750e2a38377653b00a1dc55ac6e50bae
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c9de87229d5bbe95706fbf7265d13ac0807cd3ccaa733aeb1f0d48f3bf10e4f
5d4d5b05229a872ec88f5b855e174ffd1c77a7aa8f63e410d228902fbe969cf4
5dcd435de3688ec34fb07d5b56e6ea418de0fa72c2157a46c367cc727813c90e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6750766d21267e2d6cf14d611b62e7508bfc60210eef645c1f0d68a9d02e7890
67ae5cb9a4c423af33efb21376c45272784c5c6cb0327b5aff4916f80e059bdc
6b23a2a55e15ddffdc187b1107030f6ed53d4abe5d4c0900022451d20c3dfb54
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6dac844dfab81cbe106e5e8ff37a4fd62bd95f1139b67dc76e624b7662b6b019
71c664e82215788eb3a2d81a33bf0021283c0092ab5ac1349b1aea2350386d34
720c6a1f1b2b01efbc2e7a55e28086fd73becd0a55c33904cd599c87206465bd
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73326d953dc613cca8f5b66beb19ca57158477825bb555139dfa24b80e100c70
733495afebc027c211c1155b4e43b6b8fbde566a4a29e11a9be42eaf504a5f6b
7596687e7da6a274ec7a55ffd9080fe970167053bbf83e85e2762b73f6afae16
75cdc71ca23c08d2b3929ada433940d8c591e0b2f9b7794ceea322578b1fe9d5
77b9e5fb4b39f77b95f21d1c119e5ff8016a14737012ee17f4d12102cf02ae2f
7afbada23763f39a33fd45a45dd147ffd6ab337ef50c5557cd5ce206b07dabe0
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7c6ee31e9f5e19e03fce7fe87b0887713f4b3eedfbebe3f13c5a6cc40a542dd6
8183e219177c75fd89eb8b15f446ccbbafe689462aac96da3bbdbe3822979103
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
8394005724547d111ee3482ca6687b09d0194ce51df35d99e705bb9464b1365b
85b3b56eea731ee33b4eb32ff55870e06268982bcc904df35ebeab517a13ed97
888d18a117ac4677fc84ae440875bbdec7dd01af41b590ac2a7a530ef1b1d039
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8eeff2dc1fec78d5b80a1085be44f06312e1fd6eb0bf18207beeca840f560530
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9557c41178eaf4269a64db727c47c56ae23bd305460cf3e9a471f7e52d0573b8
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
98fefe7f547279bd255dc14dc672ff50e5b5d330f6ae9d2fc3b0784be4b40de4
998ea69f1e7d0c9186e5de5ec6b603147dfe0255fe05f0a9b3256198d22a96e3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f4a85e92fc17e8f42efbf8eb14926350d2ba84f80487df41b23444e6fd9c1ef
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5e299a85a9b163a13f8922e875d903e3886d98af3007f64e3b106b0fd4486c6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
a911133196bf02cab34284c78a17cd53f7c818b968d428fcf1c9b81652f7c339
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab56e51608d68bd17237e4ed5569396caec080ff01cc0fd894ba65b4295d2d73
ab7ac7916d1fedd9bb198fb6b64b9a5e888e1674110c8a9ae038f242e64d1445
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af66ef5099f9abb3f9de632d7e1f047d127a941cc6e8909ea37f41dedd9ef87d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a22bca2e94ac819868674685b19dacadb2888e6099876d6e101ccaf2b17993
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86
b60ba7424d5a53684d0acee8fb78518c1231bd3e274c69ce8f3fa21ae1f3f7cb
bba9e8453043e5730f1a6483632d22bdd659002ae323e5d15ab7e85c8a4ec9ba
bc1972623357c2f76ae6d42ff1870038e1a738f7bfe15c3e1748be737085dc66
c548a30c41171b00c7d332fc539aa7fa0dceb71fc7d91d4bc7b65ed3bfed8382
c75166534a7cf375f7963558a6a55858688f6c289c9d200706ce1592669ffe3b
c82bdde12324017de6f575eb0c64a7b4cd00d1a6361070625ad6f610c1e976ee
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d676e742b549cf7b4698cb9dc5be5f1734bc59313958cf9a7b7acd92a5ff3d76
d737504780d7cfaa5b8cbd509b649d3dd8efdb6cef4da6226bc19bd2497ff30d
d8e78efe21cf931791491042ffe7359deb5d9c3ef8bdd85423b9a3b007f3370d
dcbd4882f0c4557f44d9d7340ab5a08c7b8cdf3dc5cba9996a18c95160acbd5d
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b
de95ae2b1b92a67becf3bafc1f29322012e04fdf7521bc300c186dca26dd61ea
e06732a765d1dd119f61b2de1bdaf9f9b1b2d181e6cb129356aa4355e5291418
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4cf97ac2c894373993441405711d3b8d2725ddfccab4c20a2a9ede787963919
e7b0697f95dabd66edbfefcf7c37e27f6137b33b39a89dd17d191bc733207367
e970c60f68251135b7210191122ef1f014c7d8ae9ceb9535f0290ead09daec0f
eaff8ecfb5fb03793c7c89eadc4990cef916b28a6309be20506848140d198256
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec38cd16e873cc656540a5d387c0404573a70ed7a24a522fd1d325feab248fc4
ed307b9176ce74e8ec5cd56461795d1c63e3a2df73afe3dbb03731e20a8e7101
edcff989729e858f2cbde975ed98af64bbe9f11b848ad86c827af8a0d2d6c2da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f80cb15e8af3bd5e4accc1a411871ea0e4618c95635a1a55df39f2999e5e6d
f1d7f799dfc8dac037f4187b4ba592dd50034a53d8915b8a246c627e413394f2
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
fc736b6f581cc59860248419b8038c1ce4da33ee26e3339bb6d2a32f2a2fbadf
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

app.tweakdoor.com Open in urlscan Pro 2a02:4780:b:653:0:31a8:9fcf:2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

268 Requests

93 %HTTPS

58 %IPv6

35 Domains

64 Subdomains

55 IPs

7 Countries

50552 kBTransfer

55746 kBSize

18 Cookies

10 Outgoing links

Page URL History

Redirected requests

268 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

app.tweakdoor.com Open in urlscan Pro
2a02:4780:b:653:0:31a8:9fcf:2 Public Scan

Screenshot
Live screenshot

Full Image

268
Requests

93 %
HTTPS

58 %
IPv6

35
Domains

64
Subdomains

55
IPs

7
Countries

50552 kB
Transfer

55746 kB
Size

18
Cookies

268 HTTP transactions
7 data transactions