www.twipu.com Open in urlscan Pro
157.230.205.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.twipu.com/Ki11Windows
Effective URL:
https://www.twipu.com/Ki11Windows
Submission: On May 06 via manual (May 6th 2020, 1:26:45 am UTC) from PH

Summary HTTP 178 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 32 domains to perform 178 HTTP transactions. The main IP is 157.230.205.23, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.twipu.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 11th 2019. Valid for: a year.

This is the only time www.twipu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	157.230.205.23 157.230.205.23	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
41	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
3	72.246.168.118 72.246.168.118	16625 (AKAMAI-AS) (AKAMAI-AS)
13	104.22.3.144 104.22.3.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:201... 2600:9000:2016:c600:17:a95a:6580:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:201... 2600:9000:2016:d600:1a:a6:7f00:21	16509 (AMAZON-02) (AMAZON-02)
5	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	104.16.108.112 104.16.108.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.107.202 104.16.107.202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.16.107.146 104.16.107.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.45.98.207 23.45.98.207	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.22.2.144 104.22.2.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	151.101.12.84 151.101.12.84	54113 (FASTLY) (FASTLY)
8	185.29.135.181 185.29.135.181	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
16	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4 8	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
4 4	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	23.45.237.36 23.45.237.36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
3	2.18.232.109 2.18.232.109	16625 (AKAMAI-AS) (AKAMAI-AS)
10	34.240.212.15 34.240.212.15	16509 (AMAZON-02) (AMAZON-02)
5 6	104.111.239.246 104.111.239.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:f2f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
8	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.22.19.89 104.22.19.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1	213.254.244.12 213.254.244.12	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1 1	85.239.105.10 85.239.105.10	16097 (HLKOMM 04...) (HLKOMM 04107 Leipzig)
1	2606:4700::68... 2606:4700::6813:fb79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.148.168.135 5.148.168.135	29691 (NINE) (NINE)
1 1	108.168.193.183 108.168.193.183	36351 (SOFTLAYER) (SOFTLAYER)
1	94.31.29.131 94.31.29.131	33438 (HIGHWINDS2) (HIGHWINDS2)
2	213.254.244.22 213.254.244.22	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
178	37

10 157.230.205.23 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.twipu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.246.168.118 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-118.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.22.3.144 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt5003.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2016:c600:17:a95a:6580:21 (United States)

ASN16509 (AMAZON-02, US)

d141wsrw9m4as6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2016:d600:1a:a6:7f00:21 (United States)

ASN16509 (AMAZON-02, US)

dc5k8fg5ioc8s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.108.112 (United States)

ASN13335 (CLOUDFLARENET, US)

herepackagine.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.107.202 (United States)

ASN13335 (CLOUDFLARENET, US)

symphoneupcom.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.107.146 (United States)

ASN13335 (CLOUDFLARENET, US)

chairwaydenew.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.98.207 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-45-98-207.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.2.144 (United States)

ASN13335 (CLOUDFLARENET, US)

rt5003.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.29.135.181 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.21.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.135.227 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.45.237.36 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-45-237-36.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 138.201.63.157 (Heppenheim an der Bergstrasse, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.109 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-109.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.240.212.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.239.246 (Netherlands) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-246.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:f2f1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 1 redirects

ASN31400 (ACCELERATED-IT, DE)

cct.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.19.89 (United States)

ASN13335 (CLOUDFLARENET, US)

r.adport.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.12 (Ireland)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.239.105.10 (Roetha, Germany) 1 redirects

ASN16097 (HLKOMM 04107 Leipzig, DE)

trf.greatviews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:fb79 (United States)

ASN13335 (CLOUDFLARENET, US)

www.elitepartner.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.148.168.135 (Switzerland)

ASN29691 (NINE, CH)
PTR: adresult08.nine.ch

www.adtracker.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.168.193.183 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.c1.a86c.ip4.static.sl-reverse.com

ngp1.intnotif.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.131 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.131.IPYX-077437-ZYO.above.net

www.ssaimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.22 (Ireland)

ASN36062 (DOUBLE-VERIFY, US)

tps20238.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	twimg.com pbs.twimg.com	2 MB
28	mathtag.com 4 redirects tags.mathtag.com pixel.mathtag.com sync.mathtag.com	20 KB
14	infolinks.com resources.infolinks.com router.infolinks.com rt5003.infolinks.com	428 KB
13	redintelligence.net 1 redirects hal9000.redintelligence.net hal90007.redintelligence.net hal90002.redintelligence.net	19 KB
10	mediamathtag.com s.update.mediamathtag.com	37 KB
10	twipu.com 1 redirects www.twipu.com	468 KB
8	pubmatic.com ads.pubmatic.com aktrack.pubmatic.com
8	doubleclick.net 4 redirects cm.g.doubleclick.net	1 KB
8	chairwaydenew.site chairwaydenew.site	4 KB
6	connects.ch 1 redirects cct.connects.ch	391 B
6	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com tps.doubleverify.com tps20238.doubleverify.com	69 KB
4	awin1.com 3 redirects www.awin1.com	2 KB
4	bluekai.com stags.bluekai.com	3 KB
4	addthis.com s7.addthis.com api-public.addthis.com	189 KB
4	paypal.com www.paypal.com t.paypal.com	79 KB
3	symphoneupcom.site symphoneupcom.site	6 KB
2	conrad.ch www.conrad.ch
2	zenaps.com 2 redirects www.zenaps.com	1 KB
2	pinterest.com widgets.pinterest.com	456 B
2	facebook.com graph.facebook.com	734 B
2	google-analytics.com www.google-analytics.com	18 KB
2	cloudfront.net d141wsrw9m4as6.cloudfront.net dc5k8fg5ioc8s.cloudfront.net	109 KB
1	ssaimg.com www.ssaimg.com	4 KB
1	intnotif.club 1 redirects ngp1.intnotif.club	184 B
1	adtracker.ch www.adtracker.ch	156 B
1	elitepartner.ch www.elitepartner.ch
1	greatviews.de 1 redirects trf.greatviews.de	2 KB
1	adport.io r.adport.io Failed	188 B
1	googleapis.com imasdk.googleapis.com	90 KB
1	addthisedge.com v1.addthisedge.com	699 B
1	moatads.com z.moatads.com	1 KB
1	herepackagine.info herepackagine.info	21 KB
178	32

	Domain	Requested by
41	pbs.twimg.com	www.twipu.com
16	pixel.mathtag.com	tags.mathtag.com blank pixel.mathtag.com
10	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
10	www.twipu.com	1 redirects www.twipu.com
8	cm.g.doubleclick.net	4 redirects blank
8	tags.mathtag.com	blank tags.mathtag.com
8	chairwaydenew.site	www.twipu.com dc5k8fg5ioc8s.cloudfront.net
7	hal90007.redintelligence.net	1 redirects blank hal9000.redintelligence.net hal90007.redintelligence.net
7	rt5003.infolinks.com	resources.infolinks.com www.twipu.com
6	cct.connects.ch	1 redirects hal90007.redintelligence.net blank
5	resources.infolinks.com	www.twipu.com resources.infolinks.com
4	aktrack.pubmatic.com	blank
4	ads.pubmatic.com	blank
4	www.awin1.com	3 redirects hal90002.redintelligence.net
4	stags.bluekai.com	tags.mathtag.com
4	sync.mathtag.com	4 redirects
4	hal9000.redintelligence.net	www.twipu.com
3	symphoneupcom.site	d141wsrw9m4as6.cloudfront.net dc5k8fg5ioc8s.cloudfront.net
3	www.paypal.com	www.twipu.com www.paypal.com
2	tps20238.doubleverify.com	cdn.doubleverify.com
2	hal90002.redintelligence.net	hal9000.redintelligence.net hal90002.redintelligence.net
2	www.conrad.ch	hal90007.redintelligence.net
2	www.zenaps.com	2 redirects
2	cdn.doubleverify.com	tags.mathtag.com www.twipu.com
2	api-public.addthis.com	s7.addthis.com
2	widgets.pinterest.com	s7.addthis.com
2	graph.facebook.com	s7.addthis.com
2	router.infolinks.com	resources.infolinks.com
2	www.google-analytics.com	www.twipu.com
2	s7.addthis.com	www.twipu.com s7.addthis.com
1	www.ssaimg.com	www.twipu.com
1	ngp1.intnotif.club	1 redirects
1	www.adtracker.ch	blank
1	www.elitepartner.ch	hal90002.redintelligence.net
1	trf.greatviews.de	1 redirects
1	tps.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	r.adport.io	www.twipu.com dc5k8fg5ioc8s.cloudfront.net
1	imasdk.googleapis.com	resources.infolinks.com
1	t.paypal.com	www.twipu.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	herepackagine.info	www.twipu.com
1	dc5k8fg5ioc8s.cloudfront.net	www.twipu.com
1	d141wsrw9m4as6.cloudfront.net	www.twipu.com
178	45

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.thesun.co.uk
dlvr.it
t.co
lbry.tv
www.addthis.com

Subject Issuer	Validity	Valid
twipu.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-11` - `2020-07-09`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
herepackagine.info CloudFlare Inc ECC CA-2	`2020-03-30` - `2020-10-09`	6 months	crt.sh
symphoneupcom.site CloudFlare Inc ECC CA-2	`2020-04-12` - `2020-10-09`	6 months	crt.sh
chairwaydenew.site CloudFlare Inc ECC CA-2	`2020-04-08` - `2020-10-09`	6 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net Let's Encrypt Authority X3	`2020-04-22` - `2020-07-21`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2019-12-09` - `2021-03-09`	a year	crt.sh
smwjqy.com Sectigo ECC Domain Validation Secure Server CA	`2019-11-19` - `2020-06-04`	7 months	crt.sh
www.conrad.ch GeoTrust EV RSA CA 2018	`2019-03-13` - `2020-09-29`	2 years	crt.sh
cct.connects.ch Let's Encrypt Authority X3	`2020-03-16` - `2020-06-14`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2019-03-22` - `2020-06-20`	a year	crt.sh
www.elitepartner.ch CloudFlare Inc ECC CA-2	`2020-02-05` - `2020-10-09`	8 months	crt.sh
adtracker.ch Let's Encrypt Authority X3	`2020-04-05` - `2020-07-04`	3 months	crt.sh
www.ssaimg.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-12` - `2022-04-14`	2 years	crt.sh

This page contains 29 frames:

Primary Page: https://www.twipu.com/Ki11Windows
Frame ID: 766453CE8EE51951D41EDB17AE2F37A1
Requests: 96 HTTP requests in this frame

Frame: https://symphoneupcom.site/UjJidEszUAEZdDMPAFI+IF5fUXkUF1AyL2MGUwM4IEVbGX8zQVRaKD5dFxAtIF0MAGU8VxZReRR7MBgRCFMlRCcdZgE7Hjh7R0YNAmQ0Ii8FYBAsJ2dVMjckGnMYLjkecFoXAmB/GCEYB3QkMwoTfCU1IhtFGiUvGnNTNxofWgNHcxxzGyI5M3dWOQI4YAksDiFLKB4SFmcmMSMZRSMuAChZEjwJIlUrDiMEcyEfOB9zMzYBYXwQOCc6XTgaMzNqNUAjH3M7PgABdxMgHWsALTd6HGpRLiUzZzgQEmBnACAdawArIAoVZVE+MTNbEj0vFWsKLCc+RAFGZiZrJjASP3wzRCobSDMNCgBeCC4Ja1Y6Gg1mUw5BAjZ1OAwKJWcbOzEEfDoDHShTUxMJHkhSTB8EC1A5HyV+IB0ndwAkEg0iViggfyBwFTUhMQARAR0KVlYVHghoBhkBJmAODHswARoVEwZnUSQ8OVQuRwUgfg4cegtqBhYcYHMILg0qUARGfiJxU0E8HwAgFQ8re1MWDSViBg4BOmozBycIXxIQExFWFzsNKlNEHjg9XBJJPiVDB0Eha3ohNnI6aw
Frame ID: EA38ED95B4D6E8B7CF3F074FE2B6FC84
Requests: 1 HTTP requests in this frame

Frame: https://symphoneupcom.site/MXhudVBQGg0Yb1BFDFMlQxRTUGJ3XVwzNFJNBU02Vk0HGjMJC0AWPF4NChMiXhYaWz5UDEtHFgcrOidmYz4/BAdJKQcUKgAcJhs8Qh0ZMx1SSigDCFYTHDo6WjI+Ajd1HihFY2EVIxcIZEwsFjoANyYbPFwaXxIyehIgRRVZQB87Y2A+NjYFRjMZGR9oES9AB0k+WzwDVSkmDBkIMl8wNWgRKxoTYxscOTlzISgcBkkdXT8AUBU8BhJaCB08KXMZJhwjWzcGMxlVPAFMFWQQXi8IWhk9GBZfOxYzGVU7IxIHWgAZFghBSjZGClo1Pz8fUyAoQhJzVR1FGnIuPDEDdEonGWB+ITksAHAtAg81XxctLWNrEzcjaGI1Kh48dC0JPTNpCyszOQFdXDMccz4nERR8CzgNFUMeOQIXYhENTR8ACzY8CHdPDR4aAB0AHjFlFjwSNmMIIhE9AAssHj8CNj1MBnI7Xw01AjI+EWJ/FixFKFgxNiR2WwsBGyAMPSIiZVg1FEICWEwr
Frame ID: 94F71C78C8A29B83A1527490B684E8B3
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3152171&wsid=0
Frame ID: 0983936AEBB57978FC172A115EC3A5EF
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDA4ODQwNDU3MzE2MzYvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzanhlTXVwSkZGeUdrOXZMTnRfbGhWYy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAwODg0MDQ1NzMxNjM2L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/21D2mE_nGbvnP3g465yJX2JBEqk&nodeid=2292&group=us-east&auctionid=4402200884045731636&exch=pub&sid=4830672&cid=6881367&price=0.030908&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Frame ID: FB9149E7AADE4FF021B6574F64B9378E
Requests: 11 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDIyNjcwMjUyMDA5NDgvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzcENOYktCLUdIM3ZIQmx6aHlyaFliZy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAyMjY3MDI1MjAwOTQ4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/Slb_oJ0PNfZOzWErh5SWbX1KRTE&nodeid=2292&group=us-east&auctionid=4402202267025200948&exch=pub&sid=4830672&cid=6881367&price=0.030924&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Frame ID: 765E2173890BB26D642CB16DEC5B9F54
Requests: 11 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDI1MDQwODUxMTQ1MDkxMDgvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzbFhaZENjTFROU1Iybm9PbEFRVmlndy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyNTA0MDg1MTE0NTA5MTA4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/kZAg6q59yZg_fLydnxBxE0YScGk&nodeid=2292&group=us-east&auctionid=4402504085114509108&exch=pub&sid=4830672&cid=6881361&price=0.031529&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Frame ID: 1FD70EE3510E18FD726C8722A8034877
Requests: 23 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMTI0Mjg5MTc4MjMyODQvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzamJUNWt6UHRqaUxENUFyajVPRlFERS8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjEyNDI4OTE3ODIzMjg0L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/XnrzuNjyX6uZ7LYrs7Vulwg4aZw&nodeid=2292&group=us-east&auctionid=4402212428917823284&exch=pub&sid=4830672&cid=6881361&price=0.029249&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Frame ID: 4E3C438F5E906E8C13652F4DEFA48D54
Requests: 11 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?insert=AW
Frame ID: 9741F4B318C4BAA169C72B75CE4C937E
Requests: 1 HTTP requests in this frame

Frame: https://cct.connects.ch/tpv.php?t=116827V1843154055B&subid=56919400019927901060214011221007
Frame ID: E5A75C3234E8303138A7DD5C78A2F0E8
Requests: 1 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=56919400019927901060214011221007&a=75e696e1
Frame ID: 2D8FE411E08577FC4B9D38494B516F85
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 18C5230C013B42588602FD447F1C9808
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373832&adType=10&adServerId=243&kefact=0.021635&kaxefact=0.021635&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1588728372&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.030908&dcId=2&tldId=58508322&passback=0&svr=BIDVA065&ekefact=NBKyXqzwCgC7uPcLCTI1lEEJDCZkRdHqnAHokTgDcfr6jgx0&ekaxefact=NBKyXrjwCgDTM_A-h-TZvTzf7mZKGCEk6FhMjB1PQ_w53l-R&ekpbmtpfact=NBKyXsHwCgBxZFpWisiyK7njXT3T3kn7RltlWISc0w0LT9aS&enpp=NBKyXsvwCgAJbS0JNMGbs4jYaul1mglGmwwWv0dNTNJHZaY-&crID=6881367&lpu=soberberlin.com&ucrid=14222794932046070304&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=0&wrId=0&wAdvID=985929&wDspCampId=655130&isRTB=1&rtbId=C6EBBB64-A30D-4A8C-8507-07195BCBA46C&imprId=E0610CE6-61DA-4DBD-A465-721104329C03&oid=E0610CE6-61DA-4DBD-A465-721104329C03&country=CH&cntryId=45&domain=twipu.com&pageURL=www.twipu.com&sec=1
Frame ID: 614EE7C208D0B783109D55E6B761668B
Requests: 1 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?insert=AW
Frame ID: AA6AEF3971B8040F44DE30611BB4A88C
Requests: 1 HTTP requests in this frame

Frame: https://cct.connects.ch/tpv.php?t=116827V1843154055B&subid=11743800019928301060216011221007
Frame ID: CB9F228314919921C7557C89B87AA652
Requests: 1 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=11743800019928301060216011221007&a=a69415f3
Frame ID: C66E7EEA8FD2CAC1C8A2C8CE02A6601B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements319.js
Frame ID: 0E2E0EC2359EE832CF2E64991AF8F2BC
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 471C88F845BD514AB30778502C77D0E0
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373834&adType=10&adServerId=243&kefact=0.022071&kaxefact=0.022071&kadNetFrequecy=0&kadwidth=160&kadheight=600&kadsizeid=10&kltstamp=1588728372&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.031529&dcId=2&tldId=58508322&passback=0&svr=BIDVA087&ekefact=NBKyXs-7DAArFEGNu340RjU6Fhrdatg1ga022nHW4ubS_e7E&ekaxefact=NBKyXuK7DABQfHXqcOJxKcSWEq9j5X3hLJO_bj98ftx7jJyN&ekpbmtpfact=NBKyXu67DABVMAIsMuobNSh8oSsvtzvwJEzdIJsCl6DXi3-1&enpp=NBKyXgO8DACtktOPPwygjFbsSeOwtXna4qrSoBQcLnxs6Rkb&crID=6881361&lpu=soberberlin.com&ucrid=14432316779050365902&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=1&wrId=0&wAdvID=985929&wDspCampId=655130&isRTB=1&rtbId=61C09E63-737C-40A5-A7F5-DD601205AA8C&imprId=E44B189B-AFD1-4CCC-A8DC-323015E4418C&oid=E44B189B-AFD1-4CCC-A8DC-323015E4418C&country=CH&cntryId=45&domain=twipu.com&pageURL=www.twipu.com&sec=1
Frame ID: DD53AE8765D3608C65837B7FCD123800
Requests: 1 HTTP requests in this frame

Frame: https://r.adport.io/i/ic/EObRcP5rssQE1rpRsq8Q0zXHBzcZTSSJ-q1osh4WMZJEsMGeerGas6XeaSCrHqCtpN8T_gty7BM0E_6ivmTFVwh_OEmyXbj-gbwhyqVpls8B2nZgBDiKAeF1mx0BqdM5w82jfaeGqLi_jZdXF0fzifpTHNQWXd_06xIEnA9ujhh9Kw7obNurTxVINiuCkgSKuBeEfBcqXQJFeDLHiuPkccKO_4mg1g6HCcAN6PR2zT7MVNn2XA6ub8IFFDZBL0NiPEkwvru-IxyfcMqrBM-1drQTw5EU3gM2QqkEEme_ZrjUOA7zrbGdbCcHNKWxhdlNKwouaMkUTxm-4_7d0c-opScSUZhURlLND5w
Frame ID: 4D8DBF9F8EAAA1944D80CDC0F51396FA
Requests: 4 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: C7C6713A2E20B20DB3109617800A1FDD
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=84075300014879201060214011221002&pv=1
Frame ID: 42002AECF57B96B80FF304248CEB4B59
Requests: 1 HTTP requests in this frame

Frame: https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1588728376_94c1c990-8f38-11ea-80d2-692d035208c1ID_GV1588728376.5564004.94df87a0-8f38-11ea-a5b1-00155d50a602ID&cj=YToyOntzOjI6ImlkIjtzOjM4OiJjajk0ZGZjYWU0LThmMzgtMTFlYS1hNWIxLTAwMTU1ZDUwYTYwMiI7czo2OiJleHBpcmUiO2k6MTY1MTgwMDM3Njt9
Frame ID: BF4A3D37173C2BF9A6B021EA762E4CBE
Requests: 1 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=84075300014879201060214011221002&a=21db9a49
Frame ID: 5CE500A82B560841DCEE206B55565853
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BC7670CED278E4F99E1E72F83DF8CC68
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373832&adType=10&adServerId=243&kefact=0.021647&kaxefact=0.021647&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1588728372&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.030924&dcId=2&tldId=58508322&passback=0&svr=BIDVA129&ekefact=NBKyXnzLCgA18Sgc8mAoqCLl5qUchI38VQsFR089qHaeXYLU&ekaxefact=NBKyXovLCgAS5OGUyOonJmen7m5yrV9f_JDt_hABNF8K0Lc2&ekpbmtpfact=NBKyXpzLCgCZEtGgCPllLoJir53nrFU-DEhPQ2r38q6IdoTn&enpp=NBKyXrDLCgBTIPoEhh3byYVBcJysZPDOd1ChCqBJt5thQE_9&crID=6881367&lpu=soberberlin.com&ucrid=14222794932046070304&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=0&wrId=0&wAdvID=985929&wDspCampId=655130&isRTB=1&rtbId=24CF5673-5A4E-4AEA-AA99-A5DE694B4589&imprId=90C4D537-A421-49BB-8137-3F5BFC7DB8F7&oid=90C4D537-A421-49BB-8137-3F5BFC7DB8F7&country=CH&cntryId=45&domain=twipu.com&pageURL=www.twipu.com&sec=1
Frame ID: 94875BFCB91DB380453FCE68E884DBD6
Requests: 1 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=45779700019930801060216011221007&a=00e927b3
Frame ID: D814B9A8A4319B03CE1324EB3F26D6A5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F253EFF7F4BC55DD96D071D1C51F585C
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373834&adType=10&adServerId=243&kefact=0.020475&kaxefact=0.020475&kadNetFrequecy=0&kadwidth=160&kadheight=600&kadsizeid=10&kltstamp=1588728372&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.029249&dcId=2&tldId=58508322&passback=0&svr=BIDVA179&ekefact=NBKyXs7nCgCKmB_JeB2mHjNXG6QkwgG94phKDgfEKhNBQhkv&ekaxefact=NBKyXuDnCgDYBizPcItvYdCk-zFW5VMmkBuvFlJ4BGOWCIYt&ekpbmtpfact=NBKyXvDnCgD4n4TLgdT7LCTj872ICZVv33flZscZGW95M-IH&enpp=NBKyXgDoCgCbePCDbINlHNrQ8UU42qN6p2_6zuY28A2weEkO&crID=6881361&lpu=soberberlin.com&ucrid=14432316779050365902&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=1&wrId=0&wAdvID=985929&wDspCampId=655130&isRTB=1&rtbId=B20F0D63-5E6D-48A1-98FB-B52C0CABBC7F&imprId=38C70866-3B50-4E5E-87EB-2771C8E185CE&oid=38C70866-3B50-4E5E-87EB-2771C8E185CE&country=CH&cntryId=45&domain=twipu.com&pageURL=www.twipu.com&sec=1
Frame ID: 022719B31DD28E7D7C67907ABDA3E699
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.twipu.com/Ki11Windows HTTP 301
https://www.twipu.com/Ki11Windows Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

178
Requests

98 %
HTTPS

21 %
IPv6

32
Domains

45
Subdomains

37
IPs

7
Countries

3980 kB
Transfer

6423 kB
Size

30
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/JuYeonKimTV/status/1257473262881255425
Title: https://twitter.com/JuYeonKimTV/status/1257473262881255425

Search URL Search Domain Scan URL

URL: https://www.thesun.co.uk/news/10352193/protesters-dozens-laser-pens-send-police-drone-crashing-ground-chile
Title: https://www.thesun.co.uk/news/10352193/protesters-dozens-laser-pens-send-police-drone-crashing-ground-chile

Search URL Search Domain Scan URL

URL: http://dlvr.it/RW421S
Title: http://dlvr.it/RW421S

Search URL Search Domain Scan URL

URL: https://twitter.com/xeviuss/status/1257512701577682944
Title: https://twitter.com/xeviuss/status/1257512701577682944

Search URL Search Domain Scan URL

URL: https://t.co/FzjrhQrH8Q
Title: https://t.co/FzjrhQrH8Q

Search URL Search Domain Scan URL

URL: https://t.co/MjnJ2k1pWE
Title: https://t.co/MjnJ2k1pWE

Search URL Search Domain Scan URL

URL: https://twitter.com/RandyHilarski/status/1257313000844783617
Title: https://twitter.com/RandyHilarski/status/1257313000844783617

Search URL Search Domain Scan URL

URL: https://lbry.tv/
Title: https://lbry.tv/

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.twipu.com/Ki11Windows HTTP 301
https://www.twipu.com/Ki11Windows Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=NWZhNjEyNjUtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJKTIhgAdV6oizcSsoNW41A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

Request Chain 106

https://hal90007.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=55f0ce1107&subid=&uid=6d633e4834ffe39e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402200884045731636%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=2681472533132&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=55f0ce1107&subid=&uid=6d633e4834ffe39e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402200884045731636%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=2681472533132&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=NWZhNjEyNjUtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJKTIhgAdV6oizcSsoNW41A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=NWZhNjEyNjUtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJKTIhgAdV6oizcSsoNW41A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=NWZhNjEyNjUtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJKTIhgAdV6oizcSsoNW41A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

Request Chain 129

https://www.awin1.com/cshow.php?s=2246541&v=11482&q=346449&r=414915&pref1=56919400019927901060214011221007&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=93fec7b0-8f38-11ea-8c72-692d08c3400c&v=11482&r=414915&q=346449&s=2246541&viewref=56919400019927901060214011221007&pv=1 HTTP 302
https://www.conrad.ch/ztpv.php?insert=AW

Request Chain 136

https://www.awin1.com/cshow.php?s=2246541&v=11482&q=346449&r=414915&pref1=11743800019928301060216011221007&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=940d1f90-8f38-11ea-80d2-692d035208c1&v=11482&r=414915&q=346449&s=2246541&viewref=11743800019928301060216011221007&pv=1 HTTP 302
https://www.conrad.ch/ztpv.php?insert=AW

Request Chain 155

https://www.awin1.com/cshow.php?s=2520058&v=9306&q=377095&r=414915&pref1=84075300014879201060214011221002&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=Grv3XWaQiME2c3i18P5mgkhg&pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1588728376_94c1c990-8f38-11ea-80d2-692d035208c1ID_GV00ID HTTP 302
https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1588728376_94c1c990-8f38-11ea-80d2-692d035208c1ID_GV1588728376.5564004.94df87a0-8f38-11ea-a5b1-00155d50a602ID&cj=YToyOntzOjI6ImlkIjtzOjM4OiJjajk0ZGZjYWU0LThmMzgtMTFlYS1hNWIxLTAwMTU1ZDUwYTYwMiI7czo2OiJleHBpcmUiO2k6MTY1MTgwMDM3Njt9

Request Chain 157

https://cct.connects.ch/tpv.php?t=116827V1485146143M&subid=84075300014879201060214011221002&pv=1 HTTP 302
https://www.adtracker.ch/upload/1x1.gif?x=1&lea_source=2020050603261630758152857X116827V1485146143MS84075300014879201060214011221002&utm_source=affil&utm_medium=NNNNN

Request Chain 161

https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=5uUe7hOHc0L3xmimFIykq1t248FJq917Hy1WQF77YQpaqXR6F6EdvtUK5iYgal7gSuRaX5fYRrZudNzrAm_O0AIncVozaG4pq_le7J2uKvw3RBef58pfP2J4GeXt97A4LUINRSQ97Y_rgUgzLcKx37VkPw4Rkgq7v9rONtJM9uvD453cQE4fOUva9QoJYzti66yuueLZ5GNbZxEZ8F7YcwPaupErOkHl8iRjx1Pe7ShL7aDcPYFxLl-KH_Z98-Amfum3XXeyGtjEsTBksKPq9XV4Ag6zmgzgHlqwukK5l273NbyfRLDLPmcoe9XmWsrIGw9HJtHA6gABEtpx8HuBP-Y4cy0tdCID93Z7RuCQ6zpwMqEs5Awwz1v39NOsLHl8uk1yhBCHvH18tFa8M9evRB2BvUrR7fRjwra7OVJb-q2BoY2cMo-seOOuTVBQR248M_RoViYgjdJzfTDAasNq5BOWLim-WgdQhV-lClKJF-xQXXlzjOaHG0OI5bqf6sHurMz_usB1G2vb4MAV6GHTz3D_OV-txqsAwoo5XPtToKcAWe_jBNYpSs9kwbg9X9m34a7_Naog6mOGbSr5BF7sDmEbUvNgoD_r HTTP 302
https://www.ssaimg.com/~sW0AQ7HgCEc/9ea5ab1b1ff64b65d6102658de94bf609c1967490bfc8f13e0c0e717a96f51b8.jpeg

178 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Ki11Windows Show response
www.twipu.com/
Redirect Chain

http://www.twipu.com/Ki11Windows
https://www.twipu.com/Ki11Windows

94 KB
10 KB

865ms
498ms

Document
text/html

157.230.205.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twipu.com/Ki11Windows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.230.205.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

3489e6b40b60e82a90319b27d553c3acc3ba371bb8ebdfcfd7132e663162f5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: www.twipu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 06 May 2020 01:26:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN DENY
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff nosniff
X-XSS-Protection: 1; mode=block 1; mode=block
ETag: W/"178b6-Ua4ETjKtb7xgvKIHXZThMQIzH7g"
Set-Cookie: sid=s%3A3KeulPjR0Ve3wkF14rilvUaeEBjkYPo5.b1Nzc9FVjY6Y3N4DpMvipncg6nEZavdwY7tiz5K5BHQ; Path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 06 May 2020 01:26:08 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://www.twipu.com/Ki11Windows

GET
H/1.1 200
OK style.98d7cb149ef0968a62cb.css
www.twipu.com/css/ 41 KB
41 KB 190ms
189ms Stylesheet
text/css 157.230.205.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twipu.com/css/style.98d7cb149ef0968a62cb.css

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.230.205.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

fb13722704f1f56a8c4a525a88295a8f5ae0b1cff6dbf8a2b0c28eafaddeec37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Dec 2019 19:32:41 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df68a59-a225"
X-Frame-Options: DENY
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41509
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sw.js Show response
www.twipu.com/ 78 KB
78 KB 534ms
186ms Script
application/javascript 157.230.205.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twipu.com/sw.js

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.230.205.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

562065974f2fd5cffcd6a98959c96f2c02399e08ad7f359969c594ca6d495009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Jan 2020 19:14:13 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e20b605-13666"
X-Frame-Options: DENY
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79462
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.svg
www.twipu.com/img/ 5 KB
5 KB 545ms
181ms Image
image/svg+xml 157.230.205.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.twipu.com/img/logo.svg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.230.205.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

d41e81523866d7cad31492154198f32902b92eae40e93fd9ee32ba93115c44b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Sep 2019 20:04:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d7aa4c2-121c"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4636
X-XSS-Protection: 1; mode=block

GET
H2 200 UYwofCsh_200x200.jpg
pbs.twimg.com/profile_images/1249595535096496128/ 8 KB
8 KB 41ms
14ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1249595535096496128/UYwofCsh_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

14a913b3fc4682c3e42c66c08aa67bf4671e946c5666a363d27d4bd2ce96c404

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 450828
x-cache: HIT
status: 200
content-length: 8438
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/1 profile_images/1249595535096496128
last-modified: Mon, 13 Apr 2020 07:07:26 GMT
server: ECS (fcn/4186)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 88fa1ea86a39061382a30134104d6aee
accept-ranges: bytes

GET
H2 200 mppn0fpx987617fpnhsl.png
pbs.twimg.com/profile_images/2408270569/ 24 KB
25 KB 33ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/2408270569/mppn0fpx987617fpnhsl.png

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D9) /

Resource Hash

4093cbc1c089e6ab55d0eeeed2b78fb2cba6afd2da1c114b39172ce1d120e5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 444385
x-cache: HIT
status: 200
content-length: 24875
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/5 profile_images/2408270569
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/40D9)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f9518d37810fcad6aba04bda4f39361c
accept-ranges: bytes

GET
H2 200 9Jwcjvs1.jpg
pbs.twimg.com/profile_images/1250412653325045761/ 12 KB
12 KB 32ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1250412653325045761/9Jwcjvs1.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

e5302a2236057e5dc69ac46f67896127200503f1fde8cf678c8f893be5cd7f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 543721
x-cache: HIT
status: 200
content-length: 12302
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/8 profile_images/1250412653325045761
last-modified: Wed, 15 Apr 2020 13:14:22 GMT
server: ECS (fcn/40EA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 73588f02d15cd9d2a46a0a9d3e92dcf2
accept-ranges: bytes

GET
H2 200 7xfO9SSm.jpg
pbs.twimg.com/profile_images/1069099827949174785/ 42 KB
42 KB 30ms
27ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1069099827949174785/7xfO9SSm.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

ff29e6c2b83a4402b18de37dd76caad09dd47e8edc9b2781fb206e2359b3631f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 355082
x-cache: HIT
status: 200
content-length: 42497
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/1 profile_images/1069099827949174785
last-modified: Sun, 02 Dec 2018 05:21:56 GMT
server: ECS (fcn/419E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c4b7d59e8e0dd64c4d782161c5e8dde4
accept-ranges: bytes

GET
H2 200 YoL-D4nw.jpg
pbs.twimg.com/profile_images/1218796236385460224/ 18 KB
18 KB 18ms
15ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1218796236385460224/YoL-D4nw.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AA) /

Resource Hash

d7b3a20b827a0caaabe8375ffefc82c3367b771812328e7233f1e409486bede1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 566506
x-cache: HIT
status: 200
content-length: 18136
x-response-time: 119
surrogate-key: profile_images profile_images/bucket/1 profile_images/1218796236385460224
last-modified: Sun, 19 Jan 2020 07:22:01 GMT
server: ECS (fcn/41AA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d519ddf1f8b1aaa838d5bb2d3448017
accept-ranges: bytes

GET
H2 200 IMG_5375.JPG
pbs.twimg.com/profile_images/960155350/ 547 KB
547 KB 31ms
28ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/960155350/IMG_5375.JPG

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DA) /

Resource Hash

4006a88c9a7664f7886fd14d9fa741c06180fa057c011128f1253a94a2c9db9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 93291
x-cache: HIT
status: 200
content-length: 559959
x-response-time: 135
surrogate-key: profile_images profile_images/bucket/6 profile_images/960155350
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/40DA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0816ddac94b0f82d061d635823a6a2fc
accept-ranges: bytes

GET
H2 200 I6qkeA3c.jpg
pbs.twimg.com/profile_images/960612648659365889/ 32 KB
32 KB 29ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/960612648659365889/I6qkeA3c.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

a529925170ec2d7a933109eeec708a53f8991edb151e9dabc4c9d4eb52bccf50

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 523284
x-cache: HIT
status: 200
content-length: 32796
x-response-time: 127
surrogate-key: profile_images profile_images/bucket/1 profile_images/960612648659365889
last-modified: Mon, 05 Feb 2018 20:32:37 GMT
server: ECS (fcn/41AC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 002618e7a382966cf0cd048c8b645efc
accept-ranges: bytes

GET
H2 200 plOWXtmJ.png
pbs.twimg.com/profile_images/670747818282369026/ 144 KB
144 KB 19ms
15ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/670747818282369026/plOWXtmJ.png

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

5d4ee4e58293d81c998a5bd7ad55dafa44de39870be4e9583f253bdcd30180a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 444736
x-cache: HIT
status: 200
content-length: 147098
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/6 profile_images/670747818282369026
last-modified: Sat, 28 Nov 2015 23:33:16 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 778ad87bd7948c12b61722a372112369
accept-ranges: bytes

GET
H2 200 capahnvH.jpg
pbs.twimg.com/profile_images/1210943015163965450/ 24 KB
25 KB 31ms
27ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1210943015163965450/capahnvH.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DC) /

Resource Hash

feeabfc1fcb2de1f6ba5bfb6e51c0123950abd401b64345217e8d93539d705b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 268481
x-cache: HIT
status: 200
content-length: 24875
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/9 profile_images/1210943015163965450
last-modified: Sat, 28 Dec 2019 15:16:07 GMT
server: ECS (fcn/40DC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d1a1b6d3d6fd1aa82cb12e29b5dc55f7
accept-ranges: bytes

GET
H2 200 pReDqihH.jpg
pbs.twimg.com/profile_images/1155693760665153536/ 18 KB
18 KB 30ms
27ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1155693760665153536/pReDqihH.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

cecebf774f5680e22a363ad596d7007ae261160230af39741641febe7f18ee2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 460906
x-cache: HIT
status: 200
content-length: 18136
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/9 profile_images/1155693760665153536
last-modified: Mon, 29 Jul 2019 04:15:18 GMT
server: ECS (fcn/418C)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 679e8e696cdd7cbe497c6af6ad9ceb9f
accept-ranges: bytes

GET
H2 200 Golp0sMi.jpg
pbs.twimg.com/profile_images/995934742775255040/ 12 KB
12 KB 30ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/995934742775255040/Golp0sMi.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4191) /

Resource Hash

16ed3524b272cc90a215114d01159009c52cff335f5e0215fe21a66cea7a3ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 446646
x-cache: HIT
status: 200
content-length: 12302
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/7 profile_images/995934742775255040
last-modified: Mon, 14 May 2018 07:50:00 GMT
server: ECS (fcn/4191)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b298e55f824bca9e12a36718d40831f7
accept-ranges: bytes

GET
H2 200 CcZyUi_J.jpg
pbs.twimg.com/profile_images/1058397541530853376/ 18 KB
18 KB 30ms
27ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1058397541530853376/CcZyUi_J.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E5) /

Resource Hash

7182cd8a66b3ba221fd7dec7811cba2cdb0ba50c6775aa36912c51e9582db53d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 102637
x-cache: HIT
status: 200
content-length: 18136
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/5 profile_images/1058397541530853376
last-modified: Fri, 02 Nov 2018 16:34:52 GMT
server: ECS (fcn/40E5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3e08a4ce9613d5fc8b74087a119477ae
accept-ranges: bytes

GET
H2 200 7u_N326h.jpg
pbs.twimg.com/profile_images/1129923643046277125/ 24 KB
24 KB 31ms
28ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1129923643046277125/7u_N326h.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

56df41ce1cfb62b030165b2828a2bc1eb136f1fd9aebd04ac8511a198d0f438d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 477189
x-cache: HIT
status: 200
content-length: 24875
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/8 profile_images/1129923643046277125
last-modified: Sun, 19 May 2019 01:34:04 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4969961619ccc54855e2bae20ff6456f
accept-ranges: bytes

GET
H2 200 ct6WZDfY.png
pbs.twimg.com/profile_images/1115073659071152129/ 440 KB
440 KB 31ms
28ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1115073659071152129/ct6WZDfY.png

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A2) /

Resource Hash

8e86ce75e0059ac667da367dfab728cac0824f6852759d1a7ce92d9079fc02a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 586642
x-cache: HIT
status: 200
content-length: 450558
x-response-time: 183
surrogate-key: profile_images profile_images/bucket/4 profile_images/1115073659071152129
last-modified: Mon, 08 Apr 2019 02:05:32 GMT
server: ECS (fcn/41A2)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f4bb2e11c59d16fdf02f479ffec652f9
accept-ranges: bytes

GET
H2 200 D5o8a4NM.jpg
pbs.twimg.com/profile_images/1065175079343058944/ 18 KB
18 KB 31ms
28ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1065175079343058944/D5o8a4NM.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B3) /

Resource Hash

bcfbe0497a552e672023f80d54b2abc09e05b85dc711dbe93f62f9012a7566cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 278546
x-cache: HIT
status: 200
content-length: 18136
x-response-time: 167
surrogate-key: profile_images profile_images/bucket/9 profile_images/1065175079343058944
last-modified: Wed, 21 Nov 2018 09:26:23 GMT
server: ECS (fcn/40B3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba616122db431d61d31a7f5e87c9c0c5
accept-ranges: bytes

GET
H2 200 ht4K0Mjq.jpg
pbs.twimg.com/profile_images/992102648361910272/ 42 KB
42 KB 32ms
29ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/992102648361910272/ht4K0Mjq.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AD) /

Resource Hash

d087bd020e501815a8b1dc880fe92d2e25aa007f6f57d4d5bebe03698bd415db

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 536735
x-cache: HIT
status: 200
content-length: 42497
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/2 profile_images/992102648361910272
last-modified: Thu, 03 May 2018 18:02:38 GMT
server: ECS (fcn/40AD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 020cd61e6910934eea8e7d37e635db9b
accept-ranges: bytes

GET
H2 200 ky_BjTwR.jpg
pbs.twimg.com/profile_images/935433886250647552/ 42 KB
42 KB 32ms
29ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/935433886250647552/ky_BjTwR.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

839e41e4765795a957107eed20dc2f5525904c749f49b7591cd9236103405899

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 508315
x-cache: HIT
status: 200
content-length: 42497
x-response-time: 120
surrogate-key: profile_images profile_images/bucket/1 profile_images/935433886250647552
last-modified: Tue, 28 Nov 2017 09:01:12 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6d4bca3b25f30b383c78c4716b859d07
accept-ranges: bytes

GET
H2 200 _PrgDgFA_200x200.jpg
pbs.twimg.com/profile_images/681152691461042177/ 8 KB
8 KB 31ms
28ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/681152691461042177/_PrgDgFA_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B2) /

Resource Hash

eeda6dbb8cc33cafb8911a57e0d726ef1437e145ec20ff9faf8a2ee8677756ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 137253
x-cache: HIT
status: 200
content-length: 7754
x-response-time: 126
surrogate-key: profile_images profile_images/bucket/5 profile_images/681152691461042177
last-modified: Sun, 27 Dec 2015 16:38:31 GMT
server: ECS (fcn/40B2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f1b3798f2cba0151327aef2499c34c43
accept-ranges: bytes

GET
H2 200 GnPOHwHS_200x200.jpg
pbs.twimg.com/profile_images/1222192421024468993/ 12 KB
12 KB 32ms
29ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1222192421024468993/GnPOHwHS_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B6) /

Resource Hash

2e00b7615a6ea88392e148962afb76ba9035583dcafb69151e10644ef74b166a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 31272
x-cache: HIT
status: 200
content-length: 12035
x-response-time: 126
surrogate-key: profile_images profile_images/bucket/5 profile_images/1222192421024468993
last-modified: Tue, 28 Jan 2020 16:17:15 GMT
server: ECS (fcn/40B6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0f39fc07028cafd11e99431cbf0c42fb
accept-ranges: bytes

GET
H2 200 5of8JY4H_200x200.jpg
pbs.twimg.com/profile_images/1170299744180215808/ 8 KB
9 KB 32ms
29ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1170299744180215808/5of8JY4H_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D8) /

Resource Hash

1c4d9a1f9adcce395f88b5a8fa6779a48858f7aecc395e004e5ae3b3b0e8af13

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 187251
x-cache: HIT
status: 200
content-length: 8431
x-response-time: 112
surrogate-key: profile_images profile_images/bucket/7 profile_images/1170299744180215808
last-modified: Sat, 07 Sep 2019 11:34:16 GMT
server: ECS (fcn/40D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 162fef13361614f6f6d3a1ae3f56c7df
accept-ranges: bytes

GET
H2 200 Uy1G9ZzjaZZYq4gO.jpg
pbs.twimg.com/ext_tw_video_thumb/1257668129280360449/pu/img/ 17 KB
17 KB 32ms
29ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1257668129280360449/pu/img/Uy1G9ZzjaZZYq4gO.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

16f1b3eaa753d4a8e925b5b2460fb179ad7daa142feb1abffdc86fd435e968bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 41879
x-cache: HIT
status: 200
content-length: 17454
x-response-time: 120
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/9 ext_tw_video_thumb/1257668129280360449
last-modified: Tue, 05 May 2020 13:45:03 GMT
server: ECS (fcn/4198)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 808dd135aa1e584cebd0f9a634b09c9a
accept-ranges: bytes

GET
H2 200 TuWGlKL1_200x200.jpg
pbs.twimg.com/profile_images/1246645913474535424/ 6 KB
6 KB 33ms
29ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1246645913474535424/TuWGlKL1_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DA) /

Resource Hash

c82c4ded353923fb2a0e119ee93adb5ca1c92c4adccb44fb60edad1452e06676

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 243367
x-cache: HIT
status: 200
content-length: 6121
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/3 profile_images/1246645913474535424
last-modified: Sun, 05 Apr 2020 03:46:41 GMT
server: ECS (fcn/40DA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 18e32c58fb9826adca75a06dca9a09e8
accept-ranges: bytes

GET
H2 200 vrr1Nloy_200x200.jpg
pbs.twimg.com/profile_images/1212387363558694912/ 8 KB
8 KB 33ms
30ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1212387363558694912/vrr1Nloy_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

7dd7d4e6023fefbb4d394b4e96a571eec61d3b6b267b6c6a15036b2591fb2148

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 539798
x-cache: HIT
status: 200
content-length: 7810
x-response-time: 114
surrogate-key: profile_images profile_images/bucket/7 profile_images/1212387363558694912
last-modified: Wed, 01 Jan 2020 14:55:27 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 77324e0dac9bfd4768640144462a8b04
accept-ranges: bytes

GET
H2 200 EXRjKzUU8AANwTG.jpg
pbs.twimg.com/media/ 85 KB
85 KB 33ms
30ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXRjKzUU8AANwTG.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

ef48c2e24927c424831e7e1ceefce97417db6928a3b099c72af8802a203da493

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 24992
x-cache: HIT
status: 200
content-length: 87199
x-response-time: 129
surrogate-key: media media/bucket/7 media/1257739233168519168
last-modified: Tue, 05 May 2020 18:27:35 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2fdb5218407a67689bd6828666dca18e
accept-ranges: bytes

GET
H2 200 JtPLyaDD3_bLTQrP.jpg
pbs.twimg.com/ext_tw_video_thumb/1257684895180025857/pu/img/ 46 KB
46 KB 33ms
30ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1257684895180025857/pu/img/JtPLyaDD3_bLTQrP.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

62d494420cbd904c7f88776f3dd55bd4feed0cd207e08a0ff7826fd49e1a6229

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 37916
x-cache: HIT
status: 200
content-length: 46793
x-response-time: 127
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/1 ext_tw_video_thumb/1257684895180025857
last-modified: Tue, 05 May 2020 14:51:40 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 632d385f39739fda05d54d689aaa6132
accept-ranges: bytes

GET
H2 200 VBF0m-yj9f_t3AUx.jpg
pbs.twimg.com/ext_tw_video_thumb/1257561230576771072/pu/img/ 48 KB
48 KB 33ms
30ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1257561230576771072/pu/img/VBF0m-yj9f_t3AUx.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

56d42ca0dbbbe86b42e3bd7041cdba55e79c57c591f2c16f3e3625d5f07d28b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 66535
x-cache: HIT
status: 200
content-length: 49440
x-response-time: 112
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/2 ext_tw_video_thumb/1257561230576771072
last-modified: Tue, 05 May 2020 06:40:16 GMT
server: ECS (fcn/41AF)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e6507a4d61287d1053fd195363321ab1
accept-ranges: bytes

GET
H2 200 9HfrhIKP_200x200.jpg
pbs.twimg.com/profile_images/1257589880290455553/ 12 KB
12 KB 33ms
30ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1257589880290455553/9HfrhIKP_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

ef9e9be205620dfc68b1d8ba1b992db732e1a096b5e50b0cdf4ccf0f0024c101

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 56527
x-cache: HIT
status: 200
content-length: 12101
x-response-time: 119
surrogate-key: profile_images profile_images/bucket/3 profile_images/1257589880290455553
last-modified: Tue, 05 May 2020 08:34:07 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a14adfaf58c38924c3c754a81d6a2ea0
accept-ranges: bytes

GET
H2 200 EXQyXj-WAAMbOt4.jpg
pbs.twimg.com/media/ 105 KB
106 KB 34ms
31ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXQyXj-WAAMbOt4.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

60c81789160a149056677862339c14712f0a06a975f1bbc1f42de1876b29206c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 35826
x-cache: HIT
status: 200
content-length: 107887
x-response-time: 125
surrogate-key: media media/bucket/4 media/1257685576318320643
last-modified: Tue, 05 May 2020 14:54:22 GMT
server: ECS (fcn/4187)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4525bdb5aee99991560a3225c5029d5
accept-ranges: bytes

GET
H2 200 A_gVhZCnkzifzgOT.jpg
pbs.twimg.com/ext_tw_video_thumb/1257473130265747457/pu/img/ 142 KB
142 KB 33ms
30ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1257473130265747457/pu/img/A_gVhZCnkzifzgOT.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FE) /

Resource Hash

4597966fc733d7e0abec683e6e2923af3a3fb8c8f8fb177506bd660a72323919

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 88399
x-cache: HIT
status: 200
content-length: 145573
x-response-time: 130
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/8 ext_tw_video_thumb/1257473130265747457
last-modified: Tue, 05 May 2020 00:50:11 GMT
server: ECS (fcn/40FE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1ce6e64ec10e78735379a61c04d233d6
accept-ranges: bytes

GET
H2 200 --DVWZIA_200x200.jpg
pbs.twimg.com/profile_images/1230928475160104960/ 10 KB
10 KB 33ms
31ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1230928475160104960/--DVWZIA_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

a294f36c4dcefb9cba9431150d0fa3bb348dae0b4fb3bfc6b73f28c70340c640

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 368558
x-cache: HIT
status: 200
content-length: 10050
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/8 profile_images/1230928475160104960
last-modified: Fri, 21 Feb 2020 18:51:12 GMT
server: ECS (fcn/4185)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fca8d7c0e7f32fac1ddc57bdd7c21417
accept-ranges: bytes

GET
H2 200 FOCXtzk4_200x200.jpg
pbs.twimg.com/profile_images/1141459766637662209/ 7 KB
7 KB 34ms
31ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1141459766637662209/FOCXtzk4_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B1) /

Resource Hash

5d280890891fba36693fa7ac1636f879f9810da9e31f214e84ed3e250e3a92a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 556314
x-cache: HIT
status: 200
content-length: 7203
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/5 profile_images/1141459766637662209
last-modified: Wed, 19 Jun 2019 21:34:30 GMT
server: ECS (fcn/40B1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 827d78a2928cdad81f8713342bc02e62
accept-ranges: bytes

GET
H2 200 n1tU4WLx_200x200.jpg
pbs.twimg.com/profile_images/1080559825946374144/ 9 KB
9 KB 34ms
31ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1080559825946374144/n1tU4WLx_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

12aa75eacc1abde327ceb409854d2d4b954f28df772dc8ba640289ae48786fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 126710
x-cache: HIT
status: 200
content-length: 9194
x-response-time: 174
surrogate-key: profile_images profile_images/bucket/3 profile_images/1080559825946374144
last-modified: Wed, 02 Jan 2019 20:19:52 GMT
server: ECS (fcn/418C)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b2df1366b2ae0f739c124aee4924105a
accept-ranges: bytes

GET
H2 200 EXNwMxyWkAE2H_Q.jpg
pbs.twimg.com/media/ 140 KB
141 KB 34ms
31ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXNwMxyWkAE2H_Q.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AA) /

Resource Hash

b5af5ed56878f12e37689cfa23d3fee03395ca8036e767afe18b19bb3828e42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 86289
x-cache: HIT
status: 200
content-length: 143684
x-response-time: 129
surrogate-key: media media/bucket/4 media/1257472085791772673
last-modified: Tue, 05 May 2020 00:46:02 GMT
server: ECS (fcn/41AA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 964971df3b91af17c2f66c89601d9e1f
accept-ranges: bytes

GET
H2 200 ycpnYXZV_200x200.jpg
pbs.twimg.com/profile_images/1250109077474045952/ 14 KB
14 KB 34ms
31ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1250109077474045952/ycpnYXZV_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

25f6b1f852964d2b70cbfa89d8e6c80a2db66986b78452c37e595655b327a4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 370813
x-cache: HIT
status: 200
content-length: 14396
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/6 profile_images/1250109077474045952
last-modified: Tue, 14 Apr 2020 17:08:04 GMT
server: ECS (fcn/418E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: afe582a31fbb99ccca0003d031727856
accept-ranges: bytes

GET
H2 200 APXCAsG7aswNfyDC.jpg
pbs.twimg.com/ext_tw_video_thumb/1256879731640680448/pu/img/ 53 KB
53 KB 34ms
31ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1256879731640680448/pu/img/APXCAsG7aswNfyDC.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

1456f910be0b6e8a48377dcf08a45af4e8e53ce3d5c9957b807f7fc770fca746

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 229882
x-cache: HIT
status: 200
content-length: 53797
x-response-time: 126
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/9 ext_tw_video_thumb/1256879731640680448
last-modified: Sun, 03 May 2020 09:32:14 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2fa32558d0ddc220111ebd771552ea5c
accept-ranges: bytes

GET
H2 200 EXJdWhiX0AEK87m.jpg
pbs.twimg.com/media/ 62 KB
62 KB 41ms
38ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXJdWhiX0AEK87m.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

de9d649324670157c61980b7d89247e1aa62a7acfc3b38bc51865bb9a89f5d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 160711
x-cache: HIT
status: 200
content-length: 63023
x-response-time: 119
surrogate-key: media media/bucket/6 media/1257169887530831873
last-modified: Mon, 04 May 2020 04:45:12 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 41f8e2514ae3df4eb18d15dbe9472639
accept-ranges: bytes

GET
H2 200 vQDG8pMA_200x200.jpg
pbs.twimg.com/profile_images/982704742135685120/ 8 KB
8 KB 34ms
32ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/982704742135685120/vQDG8pMA_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

768abf58286afb6f967aa08ebd570b6faa05e8f20a33161ead37ed05d2d7e644

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 416707
x-cache: HIT
status: 200
content-length: 7851
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/8 profile_images/982704742135685120
last-modified: Sat, 07 Apr 2018 19:38:42 GMT
server: ECS (fcn/4187)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fed5b2cd648972712acfeec037062c73
accept-ranges: bytes

GET
H2 200 kTTGeW2s_200x200.jpg
pbs.twimg.com/profile_images/1241476978231914497/ 10 KB
11 KB 41ms
39ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1241476978231914497/kTTGeW2s_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D8) /

Resource Hash

877c303313e35213c107f07893d715511af468ee56192ac7e0fd73aec12d2025

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 38297
x-cache: MISS
status: 200
content-length: 10720
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/3 profile_images/1241476978231914497
last-modified: Sat, 21 Mar 2020 21:27:11 GMT
server: ECS (fcn/40D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b27bc51e43e40ca7d7449491196a5062
accept-ranges: bytes

GET
H2 200 EXCyDIjWkAIgRGr.jpg
pbs.twimg.com/media/ 98 KB
98 KB 175ms
172ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXCyDIjWkAIgRGr.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FC) /

Resource Hash

4c1d2506ec3b5bc439be069650a87e8e6a8fe8b6316401848d8947d1dd677464

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-length: 100176
x-response-time: 138
surrogate-key: media media/bucket/3 media/1256700062941483010
last-modified: Sat, 02 May 2020 21:38:18 GMT
server: ECS (fcn/40FC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 224a351bc1b6783c9bfcc444089bcaa1
accept-ranges: bytes

GET
H2 200 woAcFwnC_200x200.jpg
pbs.twimg.com/profile_images/1256678180892692482/ 13 KB
13 KB 41ms
39ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1256678180892692482/woAcFwnC_200x200.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

eec41b321d577d52a3c0465ebc07396b3cb7e7c21f05041f54eef0da74103396

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 277883
x-cache: HIT
status: 200
content-length: 12934
x-response-time: 132
surrogate-key: profile_images profile_images/bucket/8 profile_images/1256678180892692482
last-modified: Sat, 02 May 2020 20:11:20 GMT
server: ECS (fcn/41AF)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f843d186bdbb2c1babafdb666b2de6c3
accept-ranges: bytes

GET
H2 200 EXAunMvXgAAPkaf.jpg
pbs.twimg.com/media/ 23 KB
23 KB 161ms
159ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EXAunMvXgAAPkaf.jpg

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4195) /

Resource Hash

efe716c0f3cbebe7a1a86a8ecda06ace0b450e901e88a4819b91c474aff596b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-length: 23473
x-response-time: 126
surrogate-key: media media/bucket/9 media/1256555547006042112
last-modified: Sat, 02 May 2020 12:04:02 GMT
server: ECS (fcn/4195)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4b406aabdba9288b86a32ff9ef07a30a
accept-ranges: bytes

GET
H/1.1 200
OK adsbygoogle.js Show response
www.twipu.com/ 106 B
454 B 196ms
182ms Script
application/javascript 157.230.205.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twipu.com/adsbygoogle.js

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.230.205.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b2818b1c00b965e3c6f8c229a2023011c935e1acfbdc5652d96a7f5a725ff244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Sep 2019 20:04:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d7aa4c2-6a"
X-Frame-Options: DENY
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.paypal.com/sdk/ 232 KB
72 KB 109ms
50ms Script
application/javascript 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AUQfSwUmcyZOoh_q-P8ZNr0yfhH6j-V4XYQgoBRkLcjCzpDlkal9c8IYS8nrIPD6SNS8e_f82z86_Z3R

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

Resource Hash

1c6c85d77a976ac4680d6f3cf5b6063af2d27c856fb9e8852d1687b230064294

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-TFvg+RR6KAZTEr1ewnBJLBJyiQUBRTKUP2dKhQJLbLuU7VfR' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TFvg+RR6KAZTEr1ewnBJLBJyiQUBRTKUP2dKhQJLbLuU7VfR' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-TFvg+RR6KAZTEr1ewnBJLBJyiQUBRTKUP2dKhQJLbLuU7VfR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TFvg+RR6KAZTEr1ewnBJLBJyiQUBRTKUP2dKhQJLbLuU7VfR' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
p3p: true
status: 200
paypal-debug-id: a0d05e1d92eee
dc: ccg11-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 73044
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Wed, 06 May 2020 01:26:09 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=21600
etag: W/"11d54-v78qR78u2R80oFmjcBSYuWlW4Qo"
expires: Wed, 06 May 2020 07:26:09 GMT

GET
H/1.1 200
OK vendor.c244d01e4d47794189ef.js Show response
www.twipu.com/js/ 196 KB
196 KB 184ms
184ms Script
application/javascript 157.230.205.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twipu.com/js/vendor.c244d01e4d47794189ef.js

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.230.205.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

a0e7461288110905a1706198ad817713461420b891009d4aec1d602c628a8f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Dec 2019 19:32:41 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df68a59-30e44"
X-Frame-Options: DENY
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 200260
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK profile.6a1de4eaabd3c2fccba7.js Show response
www.twipu.com/js/ 10 KB
10 KB 188ms
181ms Script
application/javascript 157.230.205.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twipu.com/js/profile.6a1de4eaabd3c2fccba7.js

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.230.205.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5a0cedbf83d13921d6bd41901dfa3a955ad89e340f10d62a474c3ff9a93adc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 15 Dec 2019 19:32:41 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df68a59-265a"
X-Frame-Options: DENY
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9818
X-XSS-Protection: 1; mode=block

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 121ms
44ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e070e0adc850a205afe3244bb2408d880502d3d8f9cd00d93e7439785d05b2d

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:09 GMT
via: 1.1 google
cf-cache-status: HIT
age: 129
status: 200
content-encoding: gzip
cf-request-id: 0289302ab90000c785b9aed200000001
last-modified: Tue, 05 May 2020 21:23:54 GMT
server: cloudflare
etag: W/"b0c-5a4ed43ba4959"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 58eee9578cc6c785-AMS
expires: Wed, 06 May 2020 02:24:00 GMT

GET
H2 200 / Show response
d141wsrw9m4as6.cloudfront.net/ 103 KB
38 KB 100ms
51ms Script
text/plain 2600:9000:2016:c600:17:a95a:6580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=832263
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:c600:17:a95a:6580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4dcbc9b7bb7e967251e2b3b882c43aefef8c4035c8b3efeeb7ffcf11b19a8193

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 00:22:40 GMT
content-encoding: gzip
age: 3809
status: 200
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: HAM50-C2
content-length: 38468
via: 1.1 e0b7b5b5acbaaf300b6a25ae8c1035a9.cloudfront.net (CloudFront)
x-amz-cf-id: LrF6dx_d70eIrCIf9ntaIoKv8DVoLAuqgGYdKYGXJbYaC406cH1qwA==

GET
H2 200 / Show response
dc5k8fg5ioc8s.cloudfront.net/ 165 KB
71 KB 77ms
28ms Script
text/plain 2600:9000:2016:d600:1a:a6:7f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825675
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:d600:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 038b993f0a982d7dc7739b0f1a9d933df821f866266ad23ad60dd36c47dd86b3

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 00:22:40 GMT
content-encoding: gzip
age: 3809
status: 200
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: HAM50-C2
content-length: 72489
via: 1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
x-amz-cf-id: eAVBBZWunyWs5JTOV1r2PHJ4siV-T2kySy7F-C3UaHnEG9Q3RhxygQ==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 126ms
40ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: "5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Wed, 06 May 2020 01:26:09 GMT
x-host: s7.addthis.com
content-length: 114924

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2854
date: Wed, 06 May 2020 00:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Wed, 06 May 2020 02:38:35 GMT

GET
H/1.1 200
OK a3cxWksQVUItFB4FXXhxSR9FLjsYTR51PBwAHy48AgdEdCgEGh4pPEUdQnhnSQRcPGlRRh14PwoQbjMvSU0TYnhaQwVsaUdVQi8pNB5VaGlRVVM5KVNHB21%2FRhEFPHJGQwFsLUYVA2soRhYHPCheElVsKVoSA3g2 Show response
herepackagine.info/ 53 KB
21 KB 223ms
142ms Script
application/javascript 104.16.108.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herepackagine.info/a3cxWksQVUItFB4FXXhxSR9FLjsYTR51PBwAHy48AgdEdCgEGh4pPEUdQnhnSQRcPGlRRh14PwoQbjMvSU0TYnhaQwVsaUdVQi8pNB5VaGlRVVM5KVNHB21%2FRhEFPHJGQwFsLUYVA2soRhYHPCheElVsKVoSA3g2
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/sw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.108.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4b8552803df7e9f326b4f8974683207a0c3e0aafc0ecc553ae90c0afad471047

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:10 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-Powered-By: Express
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0289302ae40000cc4eb22d7200000001
Server: cloudflare
ETag: W/"d2c1-QnOpwg/wHGYcjbHlla0ZxdQECx0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
CF-RAY: 58eee957da3acc4e-ZRH
Access-Control-Allow-Headers: X-Requested-With,content-type

GET
H/1.1 200
OK Roboto-Bold.woff2
www.twipu.com/fonts/Roboto/ 63 KB
64 KB 342ms
340ms Font
application/octet-stream 157.230.205.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twipu.com/fonts/Roboto/Roboto-Bold.woff2

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.230.205.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: https://www.twipu.com/css/style.98d7cb149ef0968a62cb.css
Origin: https://www.twipu.com

Response headers

Date: Wed, 06 May 2020 01:26:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Sep 2019 20:04:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d7aa4c2-fd24"
X-Frame-Options: DENY
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64804
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Roboto-Regular.woff2
www.twipu.com/fonts/Roboto/ 63 KB
64 KB 368ms
189ms Font
application/octet-stream 157.230.205.23
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twipu.com/fonts/Roboto/Roboto-Regular.woff2

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

157.230.205.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: https://www.twipu.com/css/style.98d7cb149ef0968a62cb.css
Origin: https://www.twipu.com

Response headers

Date: Wed, 06 May 2020 01:26:10 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Sep 2019 20:04:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d7aa4c2-fcf0"
X-Frame-Options: DENY
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64752
X-XSS-Protection: 1; mode=block

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 15ms
11ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1299683733&t=pageview&_s=1&dl=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ul=en-us&de=UTF-8&dt=Kill%20Bill%20-%20%40Ki11Windows%20Twitter%20Profile%20and%20Downloader%20%7C%20Twipu&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=536171615&gjid=1731088491&cid=2052148052.1588728370&tid=UA-120543025-1&_gid=2108166255.1588728370&_r=1&z=1747820599

Requested by

Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1683.003-2.092.ab.1686.002-2.092/ 854 KB
249 KB 45ms
45ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1683.003-2.092.ab.1686.002-2.092/ice.js
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b982e0e67f6e14bd53cb3c66d237a3094de6632623d14b14b76fe52294a7a7fa

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:10 GMT
via: 1.1 google
cf-cache-status: HIT
age: 91
status: 200
content-encoding: gzip
cf-request-id: 0289302c640000c785b9b02200000001
last-modified: Tue, 05 May 2020 21:10:52 GMT
server: cloudflare
etag: W/"d57a3-5a4ed152138a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 58eee95a3900c785-AMS
expires: Fri, 05 Jun 2020 01:24:39 GMT

GET
H/1.1 200
OK Cookie set GCEYB3QkMwoTfCU1IhtFGiUvGnNTNxofWgNHcxxzGyI5M3dWOQI4YAksDiFLKB4SFmcmMSMZRSMuAChZEjwJIlUrDiMEcyEfOB9zMzYBYXwQOCc6XTgaMzNqNUAjH3M7PgABdxMgHWsALTd6HGpRLiUzZzgQEmBnACAdawArIAoVZVE+MTNbEj0vFWsKLCc+RAFGZ...
symphoneupcom.site/UjJidEszUAEZdDMPAFI+IF5fUXkUF1AyL2MGUwM4IEVbGX8zQVRaKD5dFxAtIF0MAGU8VxZReRR7MBgRCFMlRCcdZgE7Hjh7R0YNAmQ0Ii8FYBAsJ2dVMjckGnMYLjkecFoXAmB/ Frame EA38 0
0 198ms
150ms Document
text/html 104.16.107.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://symphoneupcom.site/UjJidEszUAEZdDMPAFI+IF5fUXkUF1AyL2MGUwM4IEVbGX8zQVRaKD5dFxAtIF0MAGU8VxZReRR7MBgRCFMlRCcdZgE7Hjh7R0YNAmQ0Ii8FYBAsJ2dVMjckGnMYLjkecFoXAmB/GCEYB3QkMwoTfCU1IhtFGiUvGnNTNxofWgNHcxxzGyI5M3dWOQI4YAksDiFLKB4SFmcmMSMZRSMuAChZEjwJIlUrDiMEcyEfOB9zMzYBYXwQOCc6XTgaMzNqNUAjH3M7PgABdxMgHWsALTd6HGpRLiUzZzgQEmBnACAdawArIAoVZVE+MTNbEj0vFWsKLCc+RAFGZiZrJjASP3wzRCobSDMNCgBeCC4Ja1Y6Gg1mUw5BAjZ1OAwKJWcbOzEEfDoDHShTUxMJHkhSTB8EC1A5HyV+IB0ndwAkEg0iViggfyBwFTUhMQARAR0KVlYVHghoBhkBJmAODHswARoVEwZnUSQ8OVQuRwUgfg4cegtqBhYcYHMILg0qUARGfiJxU0E8HwAgFQ8re1MWDSViBg4BOmozBycIXxIQExFWFzsNKlNEHjg9XBJJPiVDB0Eha3ohNnI6aw
Requested by: Host: d141wsrw9m4as6.cloudfront.net
URL: https://d141wsrw9m4as6.cloudfront.net/?wrswd=832263
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: symphoneupcom.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.twipu.com/Ki11Windows
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: https://www.twipu.com/Ki11Windows

Response headers

Date: Wed, 06 May 2020 01:26:11 GMT
Content-Type: text/html
Content-Length: 1261
Connection: keep-alive
Set-Cookie: __cfduid=d1f3d055bcd1c66075cc6edd53d49fb841588728371; expires=Fri, 05-Jun-20 01:26:11 GMT; path=/; domain=.symphoneupcom.site; HttpOnly; SameSite=Lax; Secure
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 58eee962cbebcc3a-ZRH
cf-request-id: 02893031c10000cc3a67810200000001

GET
H/1.1 204
No Content ZFBYSm1Lbzs5UDFjPz0+LB4xHgolIgowLy0TAHsoBSgzDwtUHjJsGQ00ZXJeVmJueUsUOTx3XEIjLCsZESNle0sNPj4lUEImZXtDV2R2e19KYn4+HQU3ZXtLFCQsJlBVZWByWlZoa31cUWZs
chairwaydenew.site/ 0
516 B 177ms
128ms Image
text/plain 104.16.107.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chairwaydenew.site/ZFBYSm1Lbzs5UDFjPz0+LB4xHgolIgowLy0TAHsoBSgzDwtUHjJsGQ00ZXJeVmJueUsUOTx3XEIjLCsZESNle0sNPj4lUEImZXtDV2R2e19KYn4+HQU3ZXtLFCQsJlBVZWByWlZoa31cUWZs
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:11 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 58eee962d987cc36-ZRH
cf-request-id: 02893031c20000cc36269a9200000001

GET
H/1.1 200
OK Cookie set FixFKFgxNiR2WwsBGyAMPSIiZVg1FEICWEwr
symphoneupcom.site/MXhudVBQGg0Yb1BFDFMlQxRTUGJ3XVwzNFJNBU02Vk0HGjMJC0AWPF4NChMiXhYaWz5UDEtHFgcrOidmYz4/BAdJKQcUKgAcJhs8Qh0ZMx1SSigDCFYTHDo6WjI+Ajd1HihFY2EVIxcIZEwsFjoANyYbPFwaXxIyehIgRRVZQB87Y2A+Nj... Frame 94F7 0
0 207ms
161ms Document
text/html 104.16.107.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://symphoneupcom.site/MXhudVBQGg0Yb1BFDFMlQxRTUGJ3XVwzNFJNBU02Vk0HGjMJC0AWPF4NChMiXhYaWz5UDEtHFgcrOidmYz4/BAdJKQcUKgAcJhs8Qh0ZMx1SSigDCFYTHDo6WjI+Ajd1HihFY2EVIxcIZEwsFjoANyYbPFwaXxIyehIgRRVZQB87Y2A+NjYFRjMZGR9oES9AB0k+WzwDVSkmDBkIMl8wNWgRKxoTYxscOTlzISgcBkkdXT8AUBU8BhJaCB08KXMZJhwjWzcGMxlVPAFMFWQQXi8IWhk9GBZfOxYzGVU7IxIHWgAZFghBSjZGClo1Pz8fUyAoQhJzVR1FGnIuPDEDdEonGWB+ITksAHAtAg81XxctLWNrEzcjaGI1Kh48dC0JPTNpCyszOQFdXDMccz4nERR8CzgNFUMeOQIXYhENTR8ACzY8CHdPDR4aAB0AHjFlFjwSNmMIIhE9AAssHj8CNj1MBnI7Xw01AjI+EWJ/FixFKFgxNiR2WwsBGyAMPSIiZVg1FEICWEwr
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825675
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: symphoneupcom.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.twipu.com/Ki11Windows
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: https://www.twipu.com/Ki11Windows

Response headers

Date: Wed, 06 May 2020 01:26:11 GMT
Content-Type: text/html
Content-Length: 1221
Connection: keep-alive
Set-Cookie: __cfduid=d9f90f31dd3e0c6b94e0f16f805bbad5f1588728371; expires=Fri, 05-Jun-20 01:26:11 GMT; path=/; domain=.symphoneupcom.site; HttpOnly; SameSite=Lax; Secure
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 58eee9635f6fcc3e-ZRH
cf-request-id: 02893032160000cc3ee79a8200000001

GET
H/1.1 204
No Content WjBuekx1Dw0JcQtmLBcaN0AZICADATYTBj1oXDcFEwIFMgIcQBZcODNUU0J+bwZZT2oqWQpHf2gWHQ4tLkUdR318WQAcI2cWGEd8dAVASHp0AUgOPDtXU0tqKkQaFnFrBVZCe2gIXU19bANc
chairwaydenew.site/ 0
516 B 168ms
122ms Image
text/plain 104.16.107.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chairwaydenew.site/WjBuekx1Dw0JcQtmLBcaN0AZICADATYTBj1oXDcFEwIFMgIcQBZcODNUU0J+bwZZT2oqWQpHf2gWHQ4tLkUdR318WQAcI2cWGEd8dAVASHp0AUgOPDtXU0tqKkQaFnFrBVZCe2gIXU19bANc
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:11 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 58eee9635eb8cc5a-ZRH
cf-request-id: 02893032160000cc5a4c090200000001

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 112ms
37ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:11 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 795A0DEE119FE2C4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17449
accept-ranges: bytes
content-length: 948
x-amz-id-2: ARlE0RXgmS7RZdnG6ZbXtcaiD2zRKqm8r0S35/8snRoTx3isvWHs+j7E4IfJy3GTATzM3S8j8M4=

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 31ms
31ms Script
application/x-javascript 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.twipu.com&t=xo&v=5.0.124&source=payments_sdk&client_id=AUQfSwUmcyZOoh_q-P8ZNr0yfhH6j-V4XYQgoBRkLcjCzpDlkal9c8IYS8nrIPD6SNS8e_f82z86_Z3R

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUQfSwUmcyZOoh_q-P8ZNr0yfhH6j-V4XYQgoBRkLcjCzpDlkal9c8IYS8nrIPD6SNS8e_f82z86_Z3R

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ONm7SrwJFjGEDJCF3UBdSiehdWtA4SwPLeZlIYLZrf29xn41' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ONm7SrwJFjGEDJCF3UBdSiehdWtA4SwPLeZlIYLZrf29xn41' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=900
date: Wed, 06 May 2020 01:26:11 GMT
paypal-debug-id: 1626fde318c3b
strict-transport-security: max-age=63072000
dc: ccg11-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 4456
x-xss-protection: 1; mode=block

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5be8beec668a1ba9/ 1 KB
699 B 46ms
44ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5be8beec668a1ba9/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3a3117f4e927821bf1243fbb1f3041ff37841e1d3f6f1273205403ad35b454fd

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:11 GMT
content-encoding: gzip
etag: 1895562542--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=19, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 523

GET
H2 200 manage
router.infolinks.com/usync/ Frame 0983 0
0 142ms
135ms Document
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3152171&wsid=0
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1683.003-2.092.ab.1686.002-2.092/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=3152171&wsid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.twipu.com/Ki11Windows
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Referer: https://www.twipu.com/Ki11Windows

Response headers

status: 200
date: Wed, 06 May 2020 01:26:11 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=db71ee900e8c74abe860fff936b4e8b221588728371; expires=Fri, 05-Jun-20 01:26:11 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58eee9640ff5c785-AMS
content-encoding: gzip
cf-request-id: 02893032890000c785b9b4e200000001

GET
H2 200 gsd Show response
router.infolinks.com/ 339 B
693 B 136ms
133ms Script
text/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3152171&wsid=0&pdom=www.twipu.com&purl=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&jsv=1683.003-2.092.ab.1686.002-2.092&_cb=15887283718210
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1683.003-2.092.ab.1686.002-2.092/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5840b48b66fcb724d736f4a684bc27eceb0e4e207beac3eadb88472db17531c4

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
status: 200
content-encoding: gzip
cache-control: max-age=0
cf-ray: 58eee9640ff6c785-AMS
content-type: text/javascript;charset=UTF-8
cf-request-id: 02893032890000c785b9b4f200000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
846 B 491ms
433ms Image
image/gif 23.45.98.207
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Kill%20Bill%20-%20%40Ki11Windows%20Twitter%20Profile%20and%20Downloader%20%7C%20Twipu&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1588728371865&g=-120&completeurl=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ru=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.207 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-45-98-207.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:12 GMT
Server: akka-http/10.1.11
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR: slcb.slc
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Wed, 06 May 2020 01:26:12 GMT

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 41ms
41ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 06 May 2020 01:26:11 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

POST
H2 200 doq.htm Show response
rt5003.infolinks.com/action/ 2 KB
2 KB 353ms
228ms XHR
text/html 104.22.2.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt5003.infolinks.com/action/doq.htm?pcode=utf-8&r=15887283719941
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1683.003-2.092.ab.1686.002-2.092/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733971e55c84210dd81bf2ef6a7632832db3daad072d46d9f715882e618ec9d2

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 May 2020 01:26:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NON DSP NID OUR COR"
status: 200
content-type: text/html;charset=UTF-8
cf-request-id: 02893033b90000d8e11f0ac200000001
x-application-context: application:prod
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-language: en-US
access-control-allow-origin: https://www.twipu.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 58eee965fb09d8e1-AMS
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content EjcyHT9bYnROJQgwKVV4V2FgHnFXeHVcYldkaFpqEiYnD3FXcDYcOAprd110XmF0UH9RZHZYfA
chairwaydenew.site/aExmVkZHcwUlez4YL2YJMDwNFAc6LTI8HysINy4IChorFwIDPApwMgEoW251Wn5QZWAYJQJrd04/ 0
516 B 123ms
123ms Image
text/plain 104.16.107.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chairwaydenew.site/aExmVkZHcwUlez4YL2YJMDwNFAc6LTI8HysINy4IChorFwIDPApwMgEoW251Wn5QZWAYJQJrd04/EjcyHT9bYnROJQgwKVV4V2FgHnFXeHVcYldkaFpqEiYnD3FXcDYcOAprd110XmF0UH9RZHZYfA
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:12 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 58eee9651874cc5a-ZRH
cf-request-id: 02893033310000cc5a4c096200000001

GET
H/1.1 204
No Content bXlBM2tCRiJAVg5JC2EmXysCVywrKBRxKRQYAGosKCEyRD47KwUVHwQdfAtZWE92Bk0dECUOWF9fMkcKGQwyDl9fXyhdDQJEdQNaSw98A0VYV3MFRVxfNUMKCkRwFRsZDS0OWlhBeQRZVUp2AVtaSg
chairwaydenew.site/ 0
516 B 131ms
130ms Image
text/plain 104.16.107.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chairwaydenew.site/bXlBM2tCRiJAVg5JC2EmXysCVywrKBRxKRQYAGosKCEyRD47KwUVHwQdfAtZWE92Bk0dECUOWF9fMkcKGQwyDl9fXyhdDQJEdQNaSw98A0VYV3MFRVxfNUMKCkRwFRsZDS0OWlhBeQRZVUp2AVtaSg
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:12 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 58eee9659b87cc36-ZRH
cf-request-id: 028930337a0000cc36269b1200000001

GET
H/1.1 200
OK popunder.gif
chairwaydenew.site/ 35 B
723 B 25ms
25ms Image
image/gif 104.16.107.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chairwaydenew.site/popunder.gif
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:12 GMT
CF-Cache-Status: HIT
Age: 259097
Connection: keep-alive
Content-Length: 35
cf-request-id: 02893034090000cc36269b4200000001
Pragma: public
Cf-Bgj: h2pri
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
Accept-Ranges: bytes
CF-RAY: 58eee9667c33cc36-ZRH

GET
H/1.1 204
No Content ZElaUnFLdjkhTDcdOSUgMR9uEyAlIDkBHiwKAgAIBx8DFxUKH290BQ0tZ2pCVntsYVcUID5vQEI6LjMFETpnZENCIDQ0HllvLG9ASnpufEBWZ2h0BRQoPW9AQjkuJh1ZeG9qSVN7YmFGVntuYA
chairwaydenew.site/ 0
516 B 121ms
121ms Image
text/plain 104.16.107.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chairwaydenew.site/ZElaUnFLdjkhTDcdOSUgMR9uEyAlIDkBHiwKAgAIBx8DFxUKH290BQ0tZ2pCVntsYVcUID5vQEI6LjMFETpnZENCIDQ0HllvLG9ASnpufEBWZ2h0BRQoPW9AQjkuJh1ZeG9qSVN7YmFGVntuYA
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:12 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 58eee9669c67cc36-ZRH
cf-request-id: 02893034230000cc36269b5200000001

GET
H/1.1 200
OK push Show response
symphoneupcom.site/ 8 KB
6 KB 742ms
741ms XHR
text/plain 104.16.107.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://symphoneupcom.site/push?tid=825675&red=1&cs=UkxRT0xjemEseDF8aHouMHUwLXxi&abt=0&v=0.5.26.1&sm=83&k=kill%20bill%20downloader%20explore%20download%20videos%20photos%20love%20linux%20ki11windows%20twitter%20profile%20twipu&sts=64&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F81.0.4044.129%20safari%2F537.36&tzd=2&uloc=&if=0&_MHGu=1588728372243&crc=1
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825675
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29fe3d46825c9a0534115a3aacaf75426f17a3284e30618316f37c01a0e06b6

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:12 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
CF-RAY: 58eee966aa69cc3e-ZRH
P3P: CP="NID DSP ALL COR"
access-control-allow-origin: https://www.twipu.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
Connection: keep-alive
Content-Type: text/plain
Content-Length: 4916
cf-request-id: 02893034240000cc3ee79b6200000001

GET
H/1.1 204
No Content TnVXRE9hSjQ3cgMiPw8dGjwWHCEhGBUoBRcWZAYeG0QSNgU5PBViOycRanx9e0NgcWk+HDN5fHxTJDAuOgAkeXl8Uz4qKSFIcTJyfltian14W2ZiOz4UMHl+aAUjMCNzRGJ8d3lHb3d4fEdjdg
chairwaydenew.site/ 0
516 B 119ms
119ms Image
text/plain 104.16.107.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chairwaydenew.site/TnVXRE9hSjQ3cgMiPw8dGjwWHCEhGBUoBRcWZAYeG0QSNgU5PBViOycRanx9e0NgcWk+HDN5fHxTJDAuOgAkeXl8Uz4qKSFIcTJyfltian14W2ZiOz4UMHl+aAUjMCNzRGJ8d3lHb3d4fEdjdg
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:12 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 58eee966a9f8cc5a-ZRH
cf-request-id: 02893034240000cc5a4c09f200000001

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 264 KB
90 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1683.003-2.092.ab.1686.002-2.092/ice.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f07554fd87b2de2d7f413aad15a903fb3fe8e0b6993b0cac1beef9ed05d7580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91857
x-xss-protection: 0
expires: Wed, 06 May 2020 01:26:12 GMT

GET
H2 200 dcl.htm Show response
rt5003.infolinks.com/action/ 0
171 B 156ms
156ms Script
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt5003.infolinks.com/action/dcl.htm?rid=085928e7-a62d-4ea2-b140-e1a8ebb51a45&jsv=1683.003-2.092.ab.1686.002-2.092&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A1%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1683.003-2.092.ab.1686.002-2.092/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=UTF-8
status: 200
cache-control: no-cache,no-store
accept-ranges: bytes
cf-ray: 58eee967bd62c785-AMS
content-length: 0
cf-request-id: 02893034d50000c785b9b6c200000001
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getads.htm Show response
rt5003.infolinks.com/action/ 11 KB
3 KB 594ms
594ms Script
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt5003.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE0%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A2%2C%22maw%22%3A402%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22sdata%22%3A%22bill%20gates%20twitter%22%2C%22scs%22%3A%22Yh1_U7XA3I%22%7D%2C%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22covid-19%22%2C%22scs%22%3A%22Jt68PUv4JJ%22%7D%2C%7B%22lid%22%3A%22IL_IF_LEFT%22%2C%22bdc%22%3A3%2C%22prod_t%22%3A%22f%22%2C%22garc%22%3A0%2C%22as%22%3A%22160*600%22%2C%22nom%22%3A2%2C%22sdata%22%3A%22common%20sense%22%2C%22scs%22%3A%22SSwTO26bQa%22%7D%5D&rid=085928e7-a62d-4ea2-b140-e1a8ebb51a45&jsv=1683.003-2.092.ab.1686.002-2.092&sr=1600X1200&rts=1588728372417&cfv=-1&cb=singleGetAdsResponse&os=Windows&ov=10&br=Chrome&bv=81.0.4044.129&dv=p&ce=t&purl=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&tzo=%2B0200&c=c&strg=true&rsd=uerllMuqcw1a-OyhflqIytSaGEfgs9fdm2ZxJv3h1EL_xwvw31eQ9C0v73t59Ri5uv7f1ZeLqdRfHsQY4Q2sQhPuLnepBUMi4-fQxHnrXkZY7ixFqMMFqXfsauwsZGxXNUA3Kw5-HRNgd4L0mnDqrxBVrqt_ZEbkSy9BGFQpgJg&rsk=89&rcs=0pCGxeNwXyY3dB8BPdvVVg
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1683.003-2.092.ab.1686.002-2.092/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc5858762c7e2a5ae5536cb13db17c659946d62425a76ef6c2634d6b2bf17f3

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language: en-US
status: 200
cache-control: no-cache,no-store
cf-ray: 58eee967cd6cc785-AMS
content-type: text/html;charset=UTF-8
cf-request-id: 02893034d90000c785b9b6d200000001
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 loader.gif
resources.infolinks.com/static/skins/ 962 B
1 KB 46ms
45ms Image
image/gif 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader.gif
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:12 GMT
via: 1.1 google
cf-cache-status: HIT
age: 8411
cf-polished: origSize=1631, status=webp_bigger
status: 200
content-length: 962
cf-request-id: 02893034d90000c785b9b6e200000001
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "65f-54142035d0066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Thu, 04 Jun 2020 23:06:01 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58eee967cd6fc785-AMS
cf-bgj: imgq:85

GET
H2 200 loader-bg.png
resources.infolinks.com/static/skins/ 902 B
1 KB 43ms
43ms Image
image/webp 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/skins/loader-bg.png
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:12 GMT
via: 1.1 google
cf-cache-status: HIT
age: 9269
cf-polished: origFmt=png, origSize=1488
status: 200
content-disposition: inline; filename="loader-bg.webp"
content-length: 902
cf-request-id: 02893034d90000c785b9b6f200000001
last-modified: Mon, 14 Nov 2016 12:31:03 GMT
server: cloudflare
etag: "5d0-541420359b4a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 04 Jun 2020 22:51:43 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 58eee967cd70c785-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 vidice.js Show response
resources.infolinks.com/js/vidice/1.0/ 620 KB
168 KB 83ms
81ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/vidice/1.0/vidice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1683.003-2.092.ab.1686.002-2.092/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:12 GMT
via: 1.1 google
cf-cache-status: HIT
age: 1696
status: 200
content-encoding: gzip
cf-request-id: 02893035dd0000c785b9b7f200000001
last-modified: Wed, 10 Jul 2019 15:15:02 GMT
server: cloudflare
etag: W/"9b0d4-58d552435a78c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 58eee9696814c785-AMS
expires: Fri, 05 Jun 2020 00:57:56 GMT

GET
H2 200 / Show response
graph.facebook.com/ 74 B
479 B 128ms
48ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_5zrh0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a08ede4f5f6e614a03544d8641b61097d32871ab8bdd0f8932a3a1501c20b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "f514d7a94e9bc657bfb365391d1cdf82d81078bc"
status: 200
x-fb-rev: 1002088041
alt-svc: h3-27=":443"; ma=3600
content-length: 74
pragma: no-cache
x-fb-debug: N9HwDoYTG9TrZLeWtxBAIGIKeJjynEV6qRd9aJGeXVQTIkkW8qdwPH7z5EYx3nhxKM0f6Aopd0Q/BaPIH2FnBg==
x-fb-trace-id: CqA/sX/AdPA
date: Wed, 06 May 2020 01:26:12 GMT, Wed, 06 May 2020 01:26:12 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A7RJA54GeLwuVRzFFLMv3iU
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 80 B
324 B 228ms
122ms Script
application/javascript 151.101.12.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&callback=window._ate.cbs.rcb_7rz50

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b07817f72534b4b260c4d9e6671ff6c19e3b24d394f998014c5b0d8f9a355fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-pinterest-host: widgets.pinterest.com
date: Wed, 06 May 2020 01:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
status: 200
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 5
accept-ranges: none
x-pinterest-rid: 4424022432561408
expires: Wed, 06 May 2020 01:41:12 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
289 B 310ms
232ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&callback=_ate.cbs.rcb_e0ud0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1838d43b9b1c5d215cc0d5f58fd0d54aa55eb8af10f777c89d5efbf7a0a832a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.twipu.com/ki11windows
last-modified: Wed, 06 May 2020 01:26:12 GMT
server: nginx/1.15.8
date: Wed, 06 May 2020 01:26:13 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 / Show response
graph.facebook.com/ 73 B
255 B 127ms
49ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fwww.twipu.com%2FKi11Windows&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_d5bs0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6417c3961be18a250c6f8b3223eaf89ec1632a567d2726f00873905158eac00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "c0bb084ad01622d8b483facba25faa3b36768043"
status: 200
x-fb-rev: 1002088041
alt-svc: h3-27=":443"; ma=3600
content-length: 73
pragma: no-cache
x-fb-debug: 7/5dooCx46S6m3nAgwaH9bBk44ZNPzCDIOL6VEdf8183rhRze84E5dcqIpX636GLVe8/mGwVVx3m6/1wc42nVw==
x-fb-trace-id: CV5hy8xAnGt
date: Wed, 06 May 2020 01:26:12 GMT, Wed, 06 May 2020 01:26:12 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AP9hqv3T6cBeRtgNzGA4bN0
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 79 B
132 B 229ms
123ms Script
application/javascript 151.101.12.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fwww.twipu.com%2FKi11Windows&callback=window._ate.cbs.rcb_8cvw0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a1108324dfaefc8bd3930a14c8a61f2dd83a5d50c899442378b6e2f8fee9257

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

x-pinterest-host: widgets.pinterest.com
date: Wed, 06 May 2020 01:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
status: 200
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 3
accept-ranges: none
x-pinterest-rid: 6289054843379778
expires: Wed, 06 May 2020 01:41:12 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
289 B 299ms
221ms Script
application/json 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.twipu.com%2FKi11Windows&callback=_ate.cbs.rcb_l9yo0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

694e20cbaf6c52ba66ae94d3cb4e1096fa6c4819c06cb526ff014665fa4683c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.twipu.com/ki11windows
last-modified: Wed, 06 May 2020 01:26:12 GMT
server: nginx/1.15.8
date: Wed, 06 May 2020 01:26:13 GMT
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 9a9f1d01-cf33-4c9e-98cb-1c9955e63bf9
https://www.twipu.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.twipu.com/9a9f1d01-cf33-4c9e-98cb-1c9955e63bf9
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/vidice/1.0/vidice.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

POST
H/1.1 204
No Content IzocXCkLOHtUIgAuHi41CwU9IhQCHwQ0KQhMPAU1WFJ6WWdSX24cOAFXe153Fh4pGCQWV3lbdwwELgNsUl5wSidYWmZZf1dcZl13ERopC2xUTDgYJQlXeVlpXV16VGJSWHFVYQ
chairwaydenew.site/bFFlakhDbgYZdTo/ 0
516 B 119ms
119ms Other
text/plain 104.16.107.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chairwaydenew.site/bFFlakhDbgYZdTo/IzocXCkLOHtUIgAuHi41CwU9IhQCHwQ0KQhMPAU1WFJ6WWdSX24cOAFXe153Fh4pGCQWV3lbdwwELgNsUl5wSidYWmZZf1dcZl13ERopC2xUTDgYJQlXeVlpXV16VGJSWHFVYQ
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825675
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
Connection: keep-alive
CF-RAY: 58eee96b4897cc36-ZRH
cf-request-id: 028930370f0000cc36269c5200000001

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview.htm
rt5003.infolinks.com/action/ 0
168 B 159ms
158ms Image
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt5003.infolinks.com/action/adview.htm?rid=085928e7-a62d-4ea2-b140-e1a8ebb51a45&bdc=1&midx=0&emd=NzAyfjE2NzM1X251bGx-Njg4MTM2Nw&rts=1588728373034&prod_t=a&jsv=1683.003-2.092.ab.1686.002-2.092&sdata=bill%20gates%20twitter&scs=Yh1_U7XA3I&rsd=uerllMuqcw1a-OyhflqIytSaGEfgs9fdm2ZxJv3h1EL_xwvw31eQ9C0v73t59Ri5uv7f1ZeLqdRfHsQY4Q2sQhPuLnepBUMi4-fQxHnrXkZY7ixFqMMFqXfsauwsZGxXNUA3Kw5-HRNgd4L0mnDqrxBVrqt_ZEbkSy9BGFQpgJg&rsk=89&rcs=0pCGxeNwXyY3dB8BPdvVVg
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 58eee96bec36c785-AMS
p3p: CP="NON DSP NID OUR COR"
status: 200
cache-control: no-cache,no-store
accept-ranges: bytes
content-type: text/html;charset=UTF-8
content-length: 0
cf-request-id: 028930376f0000c785b9b98200000001
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adview.htm
rt5003.infolinks.com/action/ 0
167 B 484ms
483ms Image
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt5003.infolinks.com/action/adview.htm?rid=085928e7-a62d-4ea2-b140-e1a8ebb51a45&bdc=2&midx=0&emd=NzExfjE2NzM1X251bGx-Njg4MTM2Nw&rts=1588728373037&prod_t=d&jsv=1683.003-2.092.ab.1686.002-2.092&skin=sidebar&theme=nologo&sdata=covid-19&scs=Jt68PUv4JJ&rsd=uerllMuqcw1a-OyhflqIytSaGEfgs9fdm2ZxJv3h1EL_xwvw31eQ9C0v73t59Ri5uv7f1ZeLqdRfHsQY4Q2sQhPuLnepBUMi4-fQxHnrXkZY7ixFqMMFqXfsauwsZGxXNUA3Kw5-HRNgd4L0mnDqrxBVrqt_ZEbkSy9BGFQpgJg&rsk=89&rcs=0pCGxeNwXyY3dB8BPdvVVg
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 58eee96bec3ac785-AMS
p3p: CP="NON DSP NID OUR COR"
status: 200
cache-control: no-cache,no-store
content-type: text/html;charset=UTF-8
content-length: 0
cf-request-id: 02893037700000c785b9b99200000001
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adview.htm
rt5003.infolinks.com/action/ 0
280 B 158ms
157ms Image
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt5003.infolinks.com/action/adview.htm?rid=085928e7-a62d-4ea2-b140-e1a8ebb51a45&bdc=3&midx=0&emd=NzAyfjE2NzM1X251bGx-Njg4MTM2MQ&rts=1588728373068&prod_t=f&jsv=1683.003-2.092.ab.1686.002-2.092&sdata=common%20sense&scs=SSwTO26bQa&rsd=uerllMuqcw1a-OyhflqIytSaGEfgs9fdm2ZxJv3h1EL_xwvw31eQ9C0v73t59Ri5uv7f1ZeLqdRfHsQY4Q2sQhPuLnepBUMi4-fQxHnrXkZY7ixFqMMFqXfsauwsZGxXNUA3Kw5-HRNgd4L0mnDqrxBVrqt_ZEbkSy9BGFQpgJg&rsk=89&rcs=0pCGxeNwXyY3dB8BPdvVVg
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 58eee96bec3cc785-AMS
p3p: CP="NON DSP NID OUR COR"
status: 200
cache-control: no-cache,no-store
accept-ranges: bytes
content-type: text/html;charset=UTF-8
content-length: 0
cf-request-id: 02893037700000c785b9b9a200000001
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adview.htm
rt5003.infolinks.com/action/ 0
283 B 489ms
489ms Image
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt5003.infolinks.com/action/adview.htm?rid=085928e7-a62d-4ea2-b140-e1a8ebb51a45&bdc=3&midx=1&emd=NzExfjE2NzM1X251bGx-Njg4MTM2MQ&rts=1588728373080&prod_t=f&jsv=1683.003-2.092.ab.1686.002-2.092&sdata=common%20sense&scs=SSwTO26bQa&rsd=uerllMuqcw1a-OyhflqIytSaGEfgs9fdm2ZxJv3h1EL_xwvw31eQ9C0v73t59Ri5uv7f1ZeLqdRfHsQY4Q2sQhPuLnepBUMi4-fQxHnrXkZY7ixFqMMFqXfsauwsZGxXNUA3Kw5-HRNgd4L0mnDqrxBVrqt_ZEbkSy9BGFQpgJg&rsk=89&rcs=0pCGxeNwXyY3dB8BPdvVVg
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 58eee96bec3ec785-AMS
p3p: CP="NON DSP NID OUR COR"
status: 200
cache-control: no-cache,no-store
content-type: text/html;charset=UTF-8
content-length: 0
cf-request-id: 02893037700000c785b9b9b200000001
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame FB91 2 KB
2 KB 316ms
209ms Script
application/x-javascript 185.29.135.181
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDA4ODQwNDU3MzE2MzYvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzanhlTXVwSkZGeUdrOXZMTnRfbGhWYy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAwODg0MDQ1NzMxNjM2L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/21D2mE_nGbvnP3g465yJX2JBEqk&nodeid=2292&group=us-east&auctionid=4402200884045731636&exch=pub&sid=4830672&cid=6881367&price=0.030908&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.181 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.169.2 /
Resource Hash: 80dbe9268be3e4a1ac6bdd36a845cc7dfbcfe49516f28a7fe134a32d4a18b3c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1588728372
Last-Modified: Wed, 06 May 2020 01:26:12 GMT
Server: MMBD/3.169.2
x-mm-latency: 163 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: count
Cache-Control: no-cache
x-mm-host: cdg-router-x41, iad-bidder-x84
Connection: close
x-mm-pending-bid-state: eyJOb3RpZnlUeXBlIjoid2ViIiwiUEJEYXRhU291cmNlIjoiUEJDIiwiV2FpdEZvcldlYiI6ZmFsc2UsIldhaXRGb3JJbXAiOmZhbHNlLCJXYWl0Rm9yQ2siOmZhbHNlLCJQQlN0YXRlIjoiV2luIiwiRHVwTm90aWZ5IjpmYWxzZSwiQmlkQ2xhaW1lZCI6ZmFsc2UsIlBCU1dvcmtlZCI6ZmFsc2UsIlBCU1dpblBheWxvYWQiOiIifQ
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 06 May 2020 01:26:12 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 765E 2 KB
2 KB 563ms
238ms Script
application/x-javascript 185.29.135.181
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDIyNjcwMjUyMDA5NDgvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzcENOYktCLUdIM3ZIQmx6aHlyaFliZy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAyMjY3MDI1MjAwOTQ4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/Slb_oJ0PNfZOzWErh5SWbX1KRTE&nodeid=2292&group=us-east&auctionid=4402202267025200948&exch=pub&sid=4830672&cid=6881367&price=0.030924&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.181 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.169.2 /
Resource Hash: 511432b7f59ddb1922bef1f7aafe6f00a610f6ebba6c83fc3afdc0cc4fcbb082

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1588728372
Last-Modified: Wed, 06 May 2020 01:26:12 GMT
Server: MMBD/3.169.2
x-mm-latency: 173 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: count
Cache-Control: no-cache
x-mm-host: cdg-router-x39, iad-bidder-x84
Connection: close
x-mm-pending-bid-state: eyJOb3RpZnlUeXBlIjoid2ViIiwiUEJEYXRhU291cmNlIjoiUEJDIiwiV2FpdEZvcldlYiI6ZmFsc2UsIldhaXRGb3JJbXAiOmZhbHNlLCJXYWl0Rm9yQ2siOmZhbHNlLCJQQlN0YXRlIjoiV2luIiwiRHVwTm90aWZ5IjpmYWxzZSwiQmlkQ2xhaW1lZCI6ZmFsc2UsIlBCU1dvcmtlZCI6ZmFsc2UsIlBCU1dpblBheWxvYWQiOiIifQ
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 06 May 2020 01:26:12 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 1FD7 3 KB
2 KB 558ms
150ms Script
application/x-javascript 185.29.135.181
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDI1MDQwODUxMTQ1MDkxMDgvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzbFhaZENjTFROU1Iybm9PbEFRVmlndy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyNTA0MDg1MTE0NTA5MTA4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/kZAg6q59yZg_fLydnxBxE0YScGk&nodeid=2292&group=us-east&auctionid=4402504085114509108&exch=pub&sid=4830672&cid=6881361&price=0.031529&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.181 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.169.2 /
Resource Hash: 5f6a31b6b2e2f870cd18bc96f7ccba2aa1c5fb0857e244a3bfc43e19623a5057

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1588728372
Last-Modified: Wed, 06 May 2020 01:26:12 GMT
Server: MMBD/3.169.2
x-mm-latency: 95 (7 (1))
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: count
Cache-Control: no-cache
x-mm-host: cdg-router-x34, ewr-bidder-x205, iad-bidder-x84
Connection: close
x-mm-pending-bid-state: eyJOb3RpZnlUeXBlIjoid2ViIiwiUEJEYXRhU291cmNlIjoiUEJDIiwiV2FpdEZvcldlYiI6ZmFsc2UsIldhaXRGb3JJbXAiOmZhbHNlLCJXYWl0Rm9yQ2siOmZhbHNlLCJQQlN0YXRlIjoiV2luIiwiRHVwTm90aWZ5IjpmYWxzZSwiQmlkQ2xhaW1lZCI6ZmFsc2UsIlBCU1dvcmtlZCI6ZmFsc2UsIlBCU1dpblBheWxvYWQiOiIifQ
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 06 May 2020 01:26:12 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 4E3C 2 KB
2 KB 1222ms
138ms Script
application/x-javascript 185.29.135.181
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMTI0Mjg5MTc4MjMyODQvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzamJUNWt6UHRqaUxENUFyajVPRlFERS8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjEyNDI4OTE3ODIzMjg0L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/XnrzuNjyX6uZ7LYrs7Vulwg4aZw&nodeid=2292&group=us-east&auctionid=4402212428917823284&exch=pub&sid=4830672&cid=6881361&price=0.029249&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.181 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.169.2 /
Resource Hash: 585c3e3c2f68669e945dc64af193d66e50e4231ca95101102aaa6f799e346cce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1588728372
Last-Modified: Wed, 06 May 2020 01:26:12 GMT
Server: MMBD/3.169.2
x-mm-latency: 95 (8 (2))
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: count
Cache-Control: no-cache
x-mm-host: cdg-router-x34, ewr-bidder-x205, iad-bidder-x84
Connection: close
x-mm-pending-bid-state: eyJOb3RpZnlUeXBlIjoid2ViIiwiUEJEYXRhU291cmNlIjoiUEJDIiwiV2FpdEZvcldlYiI6ZmFsc2UsIldhaXRGb3JJbXAiOmZhbHNlLCJXYWl0Rm9yQ2siOmZhbHNlLCJQQlN0YXRlIjoiV2luIiwiRHVwTm90aWZ5IjpmYWxzZSwiQmlkQ2xhaW1lZCI6ZmFsc2UsIlBCU1dvcmtlZCI6ZmFsc2UsIlBCU1dpblBheWxvYWQiOiIifQ
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 06 May 2020 01:26:13 GMT

GET
H/1.1 200
OK 5w5xilzgs0lt Show response
hal9000.redintelligence.net/zone/ Frame FB91 10 KB
3 KB 136ms
45ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/5w5xilzgs0lt?subid=&rnd=4402200884045731636&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402200884045731636%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 4dec780a764d9c9b83a29f658ded4b963ae0dceb14831d7034409ec8cfbe1d95

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2830
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame FB91 43 B
359 B 522ms
50ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=3&v2=4402200884045731636&v3=655130&v4=4830672&v5=6881367&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDA4ODQwNDU3MzE2MzYvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzanhlTXVwSkZGeUdrOXZMTnRfbGhWYy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAwODg0MDQ1NzMxNjM2L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/21D2mE_nGbvnP3g465yJX2JBEqk&nodeid=2292&group=us-east&auctionid=4402200884045731636&exch=pub&sid=4830672&cid=6881367&price=0.030908&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2264 8c3ad5b master cdg-pixel-x9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
Server: MT3 2264 8c3ad5b master cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame FB91 49 B
329 B 1001ms
208ms Image
image/gif 185.29.135.181
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=pub&bid=4402200884045731636&st=4830672&time=1588728373&nodeid=2292
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDA4ODQwNDU3MzE2MzYvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzanhlTXVwSkZGeUdrOXZMTnRfbGhWYy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAwODg0MDQ1NzMxNjM2L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/21D2mE_nGbvnP3g465yJX2JBEqk&nodeid=2292&group=us-east&auctionid=4402200884045731636&exch=pub&sid=4830672&cid=6881367&price=0.030908&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.181 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.169.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Server: MMBD/3.169.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x87, iad-bidder-x84
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 06 May 2020 01:26:13 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ Frame FB91 597 B
921 B 370ms
47ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDA4ODQwNDU3MzE2MzYvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzanhlTXVwSkZGeUdrOXZMTnRfbGhWYy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAwODg0MDQ1NzMxNjM2L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/21D2mE_nGbvnP3g465yJX2JBEqk&nodeid=2292&group=us-east&auctionid=4402200884045731636&exch=pub&sid=4830672&cid=6881367&price=0.030908&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x20 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x20
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FB91
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=NWZhNjEyNjUtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJKTIhgAdV6oizcSsoNW41A&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

170 B
234 B

39ms
39ms

Image
image/png

172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:13 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 06 May 2020 01:28:04 GMT
Server: MT3 2264 8c3ad5b master cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 06 May 2020 01:28:03 GMT

GET
H/1.1 200
OK 4448
stags.bluekai.com/site/ Frame FB91 62 B
717 B 1177ms
187ms Image
image/gif 23.45.237.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=5fa61265-0000-0000-0000-000000000000
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDA4ODQwNDU3MzE2MzYvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzanhlTXVwSkZGeUdrOXZMTnRfbGhWYy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAwODg0MDQ1NzMxNjM2L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/21D2mE_nGbvnP3g465yJX2JBEqk&nodeid=2292&group=us-east&auctionid=4402200884045731636&exch=pub&sid=4830672&cid=6881367&price=0.030908&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-45-237-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: e6a8
Content-Type: image/gif

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame FB91
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=55f0ce1107&subid=&uid=6d633e4834ffe39e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=55f0ce1107&subid=&uid=6d633e4834ffe39e&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

1164ms
414ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=55f0ce1107&subid=&uid=6d633e4834ffe39e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402200884045731636%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=2681472533132&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4f64314254098f4a9b8eac290296d0bb197a7fc5b4be60cbc4d967cedab98810

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 56919400019927901060214011221007
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 815
Expires: Wed, 06 May 2020 02:26:14 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:13 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=55f0ce1107&subid=&uid=6d633e4834ffe39e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402200884045731636%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=2681472533132&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 06 May 2020 02:26:13 +0200

GET
H/1.1 200
OK v0ze6hqos4es Show response
hal9000.redintelligence.net/zone/ Frame 1FD7 10 KB
3 KB 762ms
33ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/v0ze6hqos4es?subid=&rnd=4402504085114509108&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402504085114509108%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 4ef1a0fbb01f6912b66888784ff146a3694ff223b4be05fcb130b17b3b52892a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2830
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 1FD7 19 KB
6 KB 1391ms
39ms Script
application/javascript 2.18.232.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=499507&cmp=DV119194&sid=17306&plc=sampletag&num=&adid=&advid=3819603&adsrv=0&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src&DVP_IS_SAMPLE=1&DVP_PP_REP=1&DVP_IQM_ID=10&DVPX_PP_IMP_ID=4402504085114509108&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_DEAL_ID=&DVP_PP_APP_ID=&DVP_MM_1=216536&DVP_MM_2=655130&DVP_MM_3=4830672&DVP_MM_4=6881361&DVP_MM_5=pub&DVP_MM_6=3&DVP_MM_7=156872&DVP_MM_8=284982&DVP_MM_9=&turl=http%3A//www.twipu.com
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDI1MDQwODUxMTQ1MDkxMDgvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzbFhaZENjTFROU1Iybm9PbEFRVmlndy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyNTA0MDg1MTE0NTA5MTA4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/kZAg6q59yZg_fLydnxBxE0YScGk&nodeid=2292&group=us-east&auctionid=4402504085114509108&exch=pub&sid=4830672&cid=6881361&price=0.031529&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-109.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 9b9aa3f6b5b2f67741d0990d8d0e664580b1880136bf17d51ff0fffcbd848f5d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 10:56:24 GMT
Server: Microsoft-IIS/10.0
ETag: "03cc82dcbcd61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6097

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 1FD7 4 KB
2 KB 250ms
63ms Script
application/javascript 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.twipu.com&ui=5fa61265-0000-0000-0000-000000000000&ap=&ti=4402504085114509108&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&pp=156872&sr=3&de=43003&si=284982&dm=160x600&ac=655130&cr=6881361&ai=216536&c1=4830672&r1=185.236.201.0&r2=&r3=
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDI1MDQwODUxMTQ1MDkxMDgvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzbFhaZENjTFROU1Iybm9PbEFRVmlndy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyNTA0MDg1MTE0NTA5MTA4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/kZAg6q59yZg_fLydnxBxE0YScGk&nodeid=2292&group=us-east&auctionid=4402504085114509108&exch=pub&sid=4830672&cid=6881361&price=0.031529&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 49e39ed4360ed4bece57b623489ab783b898d28020b8b56038b0532a2fb7f72f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:13 GMT
Content-Encoding: gzip
Vary: *
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2142
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 1FD7 43 B
360 B 312ms
47ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=3&v2=4402504085114509108&v3=655130&v4=4830672&v5=6881361&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDI1MDQwODUxMTQ1MDkxMDgvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzbFhaZENjTFROU1Iybm9PbEFRVmlndy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyNTA0MDg1MTE0NTA5MTA4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/kZAg6q59yZg_fLydnxBxE0YScGk&nodeid=2292&group=us-east&auctionid=4402504085114509108&exch=pub&sid=4830672&cid=6881361&price=0.031529&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x21 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x21
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 1FD7 49 B
329 B 761ms
213ms Image
image/gif 185.29.135.181
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=pub&bid=4402504085114509108&st=4830672&time=1588728373&nodeid=2292
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDI1MDQwODUxMTQ1MDkxMDgvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzbFhaZENjTFROU1Iybm9PbEFRVmlndy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyNTA0MDg1MTE0NTA5MTA4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/kZAg6q59yZg_fLydnxBxE0YScGk&nodeid=2292&group=us-east&auctionid=4402504085114509108&exch=pub&sid=4830672&cid=6881361&price=0.031529&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.181 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.169.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Server: MMBD/3.169.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x81, iad-bidder-x84
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 06 May 2020 01:26:13 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ Frame 1FD7 597 B
920 B 164ms
50ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDI1MDQwODUxMTQ1MDkxMDgvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzbFhaZENjTFROU1Iybm9PbEFRVmlndy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyNTA0MDg1MTE0NTA5MTA4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/kZAg6q59yZg_fLydnxBxE0YScGk&nodeid=2292&group=us-east&auctionid=4402504085114509108&exch=pub&sid=4830672&cid=6881361&price=0.031529&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2284 a4a3c58 master cdg-pixel-x5 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
Server: MT3 2284 a4a3c58 master cdg-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1FD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=NWZhNjEyNjUtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJKTIhgAdV6oizcSsoNW41A&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

170 B
234 B

40ms
40ms

Image
image/png

172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:13 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 06 May 2020 01:28:05 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H/1.1 200
OK 4448
stags.bluekai.com/site/ Frame 1FD7 62 B
717 B 997ms
180ms Image
image/gif 23.45.237.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=5fa61265-0000-0000-0000-000000000000
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDI1MDQwODUxMTQ1MDkxMDgvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzbFhaZENjTFROU1Iybm9PbEFRVmlndy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyNTA0MDg1MTE0NTA5MTA4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/kZAg6q59yZg_fLydnxBxE0YScGk&nodeid=2292&group=us-east&auctionid=4402504085114509108&exch=pub&sid=4830672&cid=6881361&price=0.031529&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-45-237-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: a93c
Content-Type: image/gif

GET
H/1.1 200
OK 5w5xilzgs0lt Show response
hal9000.redintelligence.net/zone/ Frame 765E 10 KB
3 KB 1490ms
113ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/5w5xilzgs0lt?subid=&rnd=4402202267025200948&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402202267025200948%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: c313a123eede62770b121c9cef56dc86d715861ef0c6c01a914c042e2bb392ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:15 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2833
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 765E 43 B
360 B 360ms
50ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=3&v2=4402202267025200948&v3=655130&v4=4830672&v5=6881367&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDIyNjcwMjUyMDA5NDgvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzcENOYktCLUdIM3ZIQmx6aHlyaFliZy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAyMjY3MDI1MjAwOTQ4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/Slb_oJ0PNfZOzWErh5SWbX1KRTE&nodeid=2292&group=us-east&auctionid=4402202267025200948&exch=pub&sid=4830672&cid=6881367&price=0.030924&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x18 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x18
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 765E 49 B
329 B 951ms
208ms Image
image/gif 185.29.135.181
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=pub&bid=4402202267025200948&st=4830672&time=1588728373&nodeid=2292
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDIyNjcwMjUyMDA5NDgvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzcENOYktCLUdIM3ZIQmx6aHlyaFliZy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAyMjY3MDI1MjAwOTQ4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/Slb_oJ0PNfZOzWErh5SWbX1KRTE&nodeid=2292&group=us-east&auctionid=4402202267025200948&exch=pub&sid=4830672&cid=6881367&price=0.030924&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.181 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.169.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Server: MMBD/3.169.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x96, iad-bidder-x84
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 06 May 2020 01:26:13 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ Frame 765E 597 B
921 B 211ms
49ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDIyNjcwMjUyMDA5NDgvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzcENOYktCLUdIM3ZIQmx6aHlyaFliZy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAyMjY3MDI1MjAwOTQ4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/Slb_oJ0PNfZOzWErh5SWbX1KRTE&nodeid=2292&group=us-east&auctionid=4402202267025200948&exch=pub&sid=4830672&cid=6881367&price=0.030924&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x21 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:13 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x21
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 765E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=NWZhNjEyNjUtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJKTIhgAdV6oizcSsoNW41A&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

170 B
234 B

40ms
40ms

Image
image/png

172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:13 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 06 May 2020 01:28:05 GMT
Server: MT3 2264 8c3ad5b master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H/1.1 200
OK 4448
stags.bluekai.com/site/ Frame 765E 62 B
717 B 1138ms
220ms Image
image/gif 23.45.237.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=5fa61265-0000-0000-0000-000000000000
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMDIyNjcwMjUyMDA5NDgvNjg4MTM2Ny80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzcENOYktCLUdIM3ZIQmx6aHlyaFliZy8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjAyMjY3MDI1MjAwOTQ4L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/Slb_oJ0PNfZOzWErh5SWbX1KRTE&nodeid=2292&group=us-east&auctionid=4402202267025200948&exch=pub&sid=4830672&cid=6881367&price=0.030924&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-45-237-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 97ce
Content-Type: image/gif

GET
H/1.1 200
OK v0ze6hqos4es Show response
hal9000.redintelligence.net/zone/ Frame 4E3C 10 KB
3 KB 3018ms
35ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/v0ze6hqos4es?subid=&rnd=4402212428917823284&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402212428917823284%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 02e5ab4e3504c9ebf258f5c4e65b9f495f1f57dc453c364d1fda1fb60847681e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2834
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 4E3C 43 B
359 B 100ms
52ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=3&v2=4402212428917823284&v3=655130&v4=4830672&v5=6881361&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMTI0Mjg5MTc4MjMyODQvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzamJUNWt6UHRqaUxENUFyajVPRlFERS8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjEyNDI4OTE3ODIzMjg0L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/XnrzuNjyX6uZ7LYrs7Vulwg4aZw&nodeid=2292&group=us-east&auctionid=4402212428917823284&exch=pub&sid=4830672&cid=6881361&price=0.029249&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2284 a4a3c58 master cdg-pixel-x6 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Server: MT3 2284 a4a3c58 master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 4E3C 49 B
329 B 293ms
204ms Image
image/gif 185.29.135.181
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=pub&bid=4402212428917823284&st=4830672&time=1588728374&nodeid=2292
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMTI0Mjg5MTc4MjMyODQvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzamJUNWt6UHRqaUxENUFyajVPRlFERS8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjEyNDI4OTE3ODIzMjg0L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/XnrzuNjyX6uZ7LYrs7Vulwg4aZw&nodeid=2292&group=us-east&auctionid=4402212428917823284&exch=pub&sid=4830672&cid=6881361&price=0.029249&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.135.181 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.169.2 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Server: MMBD/3.169.2
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x95, iad-bidder-x84
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 06 May 2020 01:26:13 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ Frame 4E3C 597 B
921 B 47ms
46ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMTI0Mjg5MTc4MjMyODQvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzamJUNWt6UHRqaUxENUFyajVPRlFERS8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjEyNDI4OTE3ODIzMjg0L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/XnrzuNjyX6uZ7LYrs7Vulwg4aZw&nodeid=2292&group=us-east&auctionid=4402212428917823284&exch=pub&sid=4830672&cid=6881361&price=0.029249&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x18 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x18
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4E3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=NWZhNjEyNjUtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJKTIhgAdV6oizcSsoNW41A&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

170 B
234 B

40ms
39ms

Image
image/png

172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 May 2020 01:26:14 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 06 May 2020 01:28:05 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x18
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=Wf5eshI0SACcK2qqv2aF6w
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 06 May 2020 01:28:04 GMT

GET
H/1.1 200
OK 4448
stags.bluekai.com/site/ Frame 4E3C 62 B
717 B 510ms
178ms Image
image/gif 23.45.237.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=5fa61265-0000-0000-0000-000000000000
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIyLyAvTldaaE5qRXlOalV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQ0MDIyMTI0Mjg5MTc4MjMyODQvNjg4MTM2MS80ODMwNjcyLzMvOVBZdFcweGp5RTFZcUVlTGlVYVIzamJUNWt6UHRqaUxENUFyajVPRlFERS8xLzMvMC8wLzk2MjQzMS8zMTE5MzAyOTEyLzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80NDAyMjEyNDI4OTE3ODIzMjg0L2lhZC8wLzM2LzE0Lzk5OS8wLzE4NS4yMzYuMjAxLjAvMC4wMDAvMTU4ODcyODM3Mi8xNTg4NzMzNzcyLzMv/XnrzuNjyX6uZ7LYrs7Vulwg4aZw&nodeid=2292&group=us-east&auctionid=4402212428917823284&exch=pub&sid=4830672&cid=6881361&price=0.029249&bp=a_adcaaa&nfy_act=LD5wfnw&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&3pck=${PUBMATIC_CLICK_TRACKING_URL}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-45-237-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 8f13
Content-Type: image/gif

GET
H/1.1 200
OK request.php Show response
hal90007.redintelligence.net/ Frame 1FD7 2 KB
1 KB 637ms
92ms Script
application/x-javascript 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=306c9490a3&subid=&uid=a51de6287145c62c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402504085114509108%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=1214486313509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/v0ze6hqos4es?subid=&rnd=4402504085114509108&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402504085114509108%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d88f7e694787eeab0d49ffc5798a0c3531f55e7c926409d0b1a4491944c9176f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 11743800019928301060216011221007
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 815
Expires: Wed, 06 May 2020 02:26:14 +0200

GET EObRcP5rssQE1rpRsq8Q0zXHBzcZTSSJ-q1osh4WMZJEsMGeerGas6XeaSCrHqCtpN8T_gty7BM0E_6ivmTFVwh_OEmyXbj-gbwhyqVpls8B2nZgBDiKAeF1mx0BqdM5w82jfaeGqLi_jZdXF0fzifpTHNQWXd_06xIEnA9ujhh9Kw7obNurTxVINiuCkgSKuBeEf...
r.adport.io/i/ic/ 0
0

GET
H2

200

ztpv.php
www.conrad.ch/ Frame 9741
Redirect Chain

https://www.awin1.com/cshow.php?s=2246541&v=11482&q=346449&r=414915&pref1=56919400019927901060214011221007&pv=1
https://www.zenaps.com/cshow.php?pvr=93fec7b0-8f38-11ea-8c72-692d08c3400c&v=11482&r=414915&q=346449&s=2246541&viewref=56919400019927901060214011221007&pv=1
https://www.conrad.ch/ztpv.php?insert=AW

0
0

470ms
59ms

Document
text/html

2606:4700::6810:f2f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.ch/ztpv.php?insert=AW

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=55f0ce1107&subid=&uid=6d633e4834ffe39e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402200884045731636%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=2681472533132&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f2f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.conrad.ch
:scheme: https
:path: /ztpv.php?insert=AW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Wed, 06 May 2020 01:26:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbb1a782d113929ffa0bd79a07a4122751588728375; expires=Fri, 05-Jun-20 01:26:15 GMT; path=/; domain=.www.conrad.ch; HttpOnly; SameSite=Lax; Secure HTLP_timestamp=1588728375; expires=Mon, 11-May-2020 01:26:15 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=AW; expires=Mon, 11-May-2020 01:26:15 GMT; Max-Age=432000; path=/; secure; SameSite=None
server-timing: intid;desc=8140acecbd334c02
cache-control: no-cache
expires: -1
vary: Accept-Encoding
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58eee97cee151f39-FRA
content-encoding: br
cf-request-id: 028930420d00001f3948149200000001

Redirect headers

Location: https://www.conrad.ch/ztpv.php?insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Wed, 06 May 2020 01:26:15 GMT
Connection: keep-alive
Set-Cookie: awpv11482=414915|1588728375|93fec7b0-8f38-11ea-8c72-692d08c3400c;domain=.zenaps.com;path=/;expires=Wednesday, 13-May-2020 01:26:15 UTC;Secure;SameSite=None AWSESS=346449:2246541;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H2 200 tpv.php
cct.connects.ch/ Frame E5A7 0
0 139ms
46ms Document
text/html 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://cct.connects.ch/tpv.php?t=116827V1843154055B&subid=56919400019927901060214011221007

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cct.connects.ch
:scheme: https
:path: /tpv.php?t=116827V1843154055B&subid=56919400019927901060214011221007
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
server: nginx
date: Wed, 06 May 2020 01:26:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: ppv1843=2020050603261522256225561X116827V1843154055BS56919400019927901060214011221007; expires=Thu, 07-May-2020 01:26:15 GMT; Max-Age=86400; path=/; domain=.connects.ch; SameSite=None; secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H/1.1 200
OK request_content.php
hal90007.redintelligence.net/ Frame 2D8F 0
0 1142ms
43ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=56919400019927901060214011221007&a=75e696e1
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=55f0ce1107&subid=&uid=6d633e4834ffe39e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402200884045731636%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=2681472533132&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal90007.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=1e0072f0bc5c9754
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 06 May 2020 02:26:16 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1954
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 tpv.php
cct.connects.ch/ Frame FB91 0
0 143ms
48ms Image
text/html 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cct.connects.ch/tpv.php?t=116827V1869151989B&subid=56919400019927901060214011221007
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 18C5 0
0 79ms
79ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156872:2; KADUSERCOOKIE=1ADB7095-23BF-4370-96D0-4767A8530773; chkChromeAb67Sec=1; DPSync3=1588809600%3A174%7C1589932800%3A201_197_219; SyncRTB3=1589932800%3A54_3_205_56_194_218_7_55_92_78_88_22_81_161_71_166_189_170_176_8_99_195_21_13%7C1589328000%3A2_15_67%7C1591315200%3A203%7C1590019200%3A35%7C1589587200%3A63; KRTBCOOKIE_80=16514-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22987-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22995-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&23025-CAESEEYEcmzRYQV_lujImAo6mxI; PUBMDCID=3; KRTBCOOKIE_153=19420-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g&KRTB&22979-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_27=16735-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce&KRTB&16736-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce; KRTBCOOKIE_336=5844-2337321481033031330; KRTBCOOKIE_22=14911-4333079171146555114&KRTB&23150-4333079171146555114; PugT=1588728373; KRTBCOOKIE_377=22918-32a84470-403b-4691-adb1-6ccbdd732a99&KRTB&23031-32a84470-403b-4691-adb1-6ccbdd732a99; KRTBCOOKIE_1074=22956-e_12212964-d8bc-4fea-9785-17370ac4ad2d; KRTBCOOKIE_391=22924-7144396918788690709; KRTBCOOKIE_218=22922-XrISNAAAAFNMyVvC&KRTB&22978-XrISNAAAAFNMyVvC&KRTB&23194-XrISNAAAAFNMyVvC&KRTB&23209-XrISNAAAAFNMyVvC; KRTBCOOKIE_409=22966-bSslokYfohjNbUpp2cUJUwOW&KRTB&23212-bSslokYfohjNbUpp2cUJUwOW; SPugT=1588728374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=170231
Expires: Fri, 08 May 2020 00:43:26 GMT
Date: Wed, 06 May 2020 01:26:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 614E 0
0 385ms
37ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373832&adType=10&adServerId=243&kefact=0.021635&kaxefact=0.021635&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1588728372&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.030908&dcId=2&tldId=58508322&passback=0&svr=BIDVA065&ekefact=NBKyXqzwCgC7uPcLCTI1lEEJDCZkRdHqnAHokTgDcfr6jgx0&ekaxefact=NBKyXrjwCgDTM_A-h-TZvTzf7mZKGCEk6FhMjB1PQ_w53l-R&ekpbmtpfact=NBKyXsHwCgBxZFpWisiyK7njXT3T3kn7RltlWISc0w0LT9aS&enpp=NBKyXsvwCgAJbS0JNMGbs4jYaul1mglGmwwWv0dNTNJHZaY-&crID=6881367&lpu=soberberlin.com&ucrid=14222794932046070304&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=0&wrId=0&wAdvID=985929&wDspCampId=655130&isRTB=1&rtbId=C6EBBB64-A30D-4A8C-8507-07195BCBA46C&imprId=E0610CE6-61DA-4DBD-A465-721104329C03&oid=E0610CE6-61DA-4DBD-A465-721104329C03&country=CH&cntryId=45&domain=twipu.com&pageURL=www.twipu.com&sec=1
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156872:2; KADUSERCOOKIE=1ADB7095-23BF-4370-96D0-4767A8530773; chkChromeAb67Sec=1; DPSync3=1588809600%3A174%7C1589932800%3A201_197_219; SyncRTB3=1589932800%3A54_3_205_56_194_218_7_55_92_78_88_22_81_161_71_166_189_170_176_8_99_195_21_13%7C1589328000%3A2_15_67%7C1591315200%3A203%7C1590019200%3A35%7C1589587200%3A63; KRTBCOOKIE_80=16514-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22987-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22995-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&23025-CAESEEYEcmzRYQV_lujImAo6mxI; PUBMDCID=3; KRTBCOOKIE_153=19420-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g&KRTB&22979-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_27=16735-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce&KRTB&16736-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce; KRTBCOOKIE_336=5844-2337321481033031330; KRTBCOOKIE_22=14911-4333079171146555114&KRTB&23150-4333079171146555114; PugT=1588728373; KRTBCOOKIE_377=22918-32a84470-403b-4691-adb1-6ccbdd732a99&KRTB&23031-32a84470-403b-4691-adb1-6ccbdd732a99; KRTBCOOKIE_1074=22956-e_12212964-d8bc-4fea-9785-17370ac4ad2d; KRTBCOOKIE_391=22924-7144396918788690709; KRTBCOOKIE_218=22922-XrISNAAAAFNMyVvC&KRTB&22978-XrISNAAAAFNMyVvC&KRTB&23194-XrISNAAAAFNMyVvC&KRTB&23209-XrISNAAAAFNMyVvC; KRTBCOOKIE_409=22966-bSslokYfohjNbUpp2cUJUwOW&KRTB&23212-bSslokYfohjNbUpp2cUJUwOW; SPugT=1588728374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: text/html
Content-Length: 0
Date: Wed, 06 May 2020 01:26:15 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame FB91 43 B
480 B 74ms
71ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x15 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:15 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:05 GMT

GET
H2

200

ztpv.php
www.conrad.ch/ Frame AA6A
Redirect Chain

https://www.awin1.com/cshow.php?s=2246541&v=11482&q=346449&r=414915&pref1=11743800019928301060216011221007&pv=1
https://www.zenaps.com/cshow.php?pvr=940d1f90-8f38-11ea-80d2-692d035208c1&v=11482&r=414915&q=346449&s=2246541&viewref=11743800019928301060216011221007&pv=1
https://www.conrad.ch/ztpv.php?insert=AW

0
0

415ms
61ms

Document
text/html

2606:4700::6810:f2f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.ch/ztpv.php?insert=AW

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=306c9490a3&subid=&uid=a51de6287145c62c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402504085114509108%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=1214486313509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f2f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.conrad.ch
:scheme: https
:path: /ztpv.php?insert=AW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
date: Wed, 06 May 2020 01:26:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbb1a782d113929ffa0bd79a07a4122751588728375; expires=Fri, 05-Jun-20 01:26:15 GMT; path=/; domain=.www.conrad.ch; HttpOnly; SameSite=Lax; Secure HTLP_timestamp=1588728375; expires=Mon, 11-May-2020 01:26:15 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=AW; expires=Mon, 11-May-2020 01:26:15 GMT; Max-Age=432000; path=/; secure; SameSite=None
server-timing: intid;desc=4c9c3c339510701b
cache-control: no-cache
expires: -1
vary: Accept-Encoding
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58eee97cee161f39-FRA
content-encoding: br
cf-request-id: 028930420e00001f394814a200000001

Redirect headers

Location: https://www.conrad.ch/ztpv.php?insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Wed, 06 May 2020 01:26:15 GMT
Connection: keep-alive
Set-Cookie: awpv11482=414915|1588728375|940d1f90-8f38-11ea-80d2-692d035208c1;domain=.zenaps.com;path=/;expires=Wednesday, 13-May-2020 01:26:15 UTC;Secure;SameSite=None AWSESS=346449:2246541;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H2 200 tpv.php
cct.connects.ch/ Frame CB9F 0
0 124ms
49ms Document
text/html 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://cct.connects.ch/tpv.php?t=116827V1843154055B&subid=11743800019928301060216011221007

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cct.connects.ch
:scheme: https
:path: /tpv.php?t=116827V1843154055B&subid=11743800019928301060216011221007
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

status: 200
server: nginx
date: Wed, 06 May 2020 01:26:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: ppv1843=2020050603261522256225565X116827V1843154055BS11743800019928301060216011221007; expires=Thu, 07-May-2020 01:26:15 GMT; Max-Age=86400; path=/; domain=.connects.ch; SameSite=None; secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H/1.1 200
OK request_content.php
hal90007.redintelligence.net/ Frame C66E 0
0 1137ms
34ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=11743800019928301060216011221007&a=a69415f3
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=306c9490a3&subid=&uid=a51de6287145c62c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402504085114509108%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=1214486313509&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal90007.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=1e0072f0bc5c9754
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 06 May 2020 02:26:16 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1960
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 tpv.php
cct.connects.ch/ Frame 1FD7 0
0 127ms
49ms Image
text/html 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cct.connects.ch/tpv.php?t=116827V1869151989B&subid=11743800019928301060216011221007
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

GET
H/1.1 200
OK dv-measurements319.js Show response
cdn.doubleverify.com/ Frame 0E2E 266 KB
61 KB 64ms
64ms Script
application/javascript 2.18.232.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements319.js
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-109.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e6e526aaa21616ee213cf3ba86a2ce6442cb6d1f8c3a9692d3488a7c8eb6845

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Apr 2020 06:42:59 GMT
Server: Microsoft-IIS/10.0
ETag: "80db117215bd61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61844

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 471C 0
0 56ms
53ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156872:2; KADUSERCOOKIE=1ADB7095-23BF-4370-96D0-4767A8530773; chkChromeAb67Sec=1; DPSync3=1588809600%3A174%7C1589932800%3A201_197_219; SyncRTB3=1589932800%3A54_3_205_56_194_218_7_55_92_78_88_22_81_161_71_166_189_170_176_8_99_195_21_13%7C1589328000%3A2_15_67%7C1591315200%3A203%7C1590019200%3A35%7C1589587200%3A63; KRTBCOOKIE_80=16514-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22987-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22995-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&23025-CAESEEYEcmzRYQV_lujImAo6mxI; PUBMDCID=3; KRTBCOOKIE_153=19420-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g&KRTB&22979-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_27=16735-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce&KRTB&16736-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce; KRTBCOOKIE_336=5844-2337321481033031330; KRTBCOOKIE_22=14911-4333079171146555114&KRTB&23150-4333079171146555114; PugT=1588728373; KRTBCOOKIE_377=22918-32a84470-403b-4691-adb1-6ccbdd732a99&KRTB&23031-32a84470-403b-4691-adb1-6ccbdd732a99; KRTBCOOKIE_1074=22956-e_12212964-d8bc-4fea-9785-17370ac4ad2d; KRTBCOOKIE_391=22924-7144396918788690709; KRTBCOOKIE_218=22922-XrISNAAAAFNMyVvC&KRTB&22978-XrISNAAAAFNMyVvC&KRTB&23194-XrISNAAAAFNMyVvC&KRTB&23209-XrISNAAAAFNMyVvC; KRTBCOOKIE_409=22966-bSslokYfohjNbUpp2cUJUwOW&KRTB&23212-bSslokYfohjNbUpp2cUJUwOW; SPugT=1588728374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=170231
Expires: Fri, 08 May 2020 00:43:26 GMT
Date: Wed, 06 May 2020 01:26:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame DD53 0
0 346ms
37ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373834&adType=10&adServerId=243&kefact=0.022071&kaxefact=0.022071&kadNetFrequecy=0&kadwidth=160&kadheight=600&kadsizeid=10&kltstamp=1588728372&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.031529&dcId=2&tldId=58508322&passback=0&svr=BIDVA087&ekefact=NBKyXs-7DAArFEGNu340RjU6Fhrdatg1ga022nHW4ubS_e7E&ekaxefact=NBKyXuK7DABQfHXqcOJxKcSWEq9j5X3hLJO_bj98ftx7jJyN&ekpbmtpfact=NBKyXu67DABVMAIsMuobNSh8oSsvtzvwJEzdIJsCl6DXi3-1&enpp=NBKyXgO8DACtktOPPwygjFbsSeOwtXna4qrSoBQcLnxs6Rkb&crID=6881361&lpu=soberberlin.com&ucrid=14432316779050365902&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=1&wrId=0&wAdvID=985929&wDspCampId=655130&isRTB=1&rtbId=61C09E63-737C-40A5-A7F5-DD601205AA8C&imprId=E44B189B-AFD1-4CCC-A8DC-323015E4418C&oid=E44B189B-AFD1-4CCC-A8DC-323015E4418C&country=CH&cntryId=45&domain=twipu.com&pageURL=www.twipu.com&sec=1
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=1ADB7095-23BF-4370-96D0-4767A8530773; chkChromeAb67Sec=1; DPSync3=1588809600%3A174%7C1589932800%3A201_197_219; SyncRTB3=1589932800%3A54_3_205_56_194_218_7_55_92_78_88_22_81_161_71_166_189_170_176_8_99_195_21_13%7C1589328000%3A2_15_67%7C1591315200%3A203%7C1590019200%3A35%7C1589587200%3A63; KRTBCOOKIE_80=16514-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22987-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22995-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&23025-CAESEEYEcmzRYQV_lujImAo6mxI; PUBMDCID=3; KRTBCOOKIE_153=19420-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g&KRTB&22979-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_27=16735-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce&KRTB&16736-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce; KRTBCOOKIE_336=5844-2337321481033031330; KRTBCOOKIE_22=14911-4333079171146555114&KRTB&23150-4333079171146555114; PugT=1588728373; KRTBCOOKIE_377=22918-32a84470-403b-4691-adb1-6ccbdd732a99&KRTB&23031-32a84470-403b-4691-adb1-6ccbdd732a99; KRTBCOOKIE_1074=22956-e_12212964-d8bc-4fea-9785-17370ac4ad2d; KRTBCOOKIE_391=22924-7144396918788690709; KRTBCOOKIE_218=22922-XrISNAAAAFNMyVvC&KRTB&22978-XrISNAAAAFNMyVvC&KRTB&23194-XrISNAAAAFNMyVvC&KRTB&23209-XrISNAAAAFNMyVvC; KRTBCOOKIE_409=22966-bSslokYfohjNbUpp2cUJUwOW&KRTB&23212-bSslokYfohjNbUpp2cUJUwOW; SPugT=1588728374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: text/html
Content-Length: 0
Date: Wed, 06 May 2020 01:26:15 GMT
Connection: keep-alive

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/ Frame 1FD7 2 B
159 B 148ms
49ms XHR
text/plain 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/postback?oz_pl=1&di=http%3A%2F%2Fwww.twipu.com&r1=185.236.201.0&dt=6196211556140246740000&pd=avt&c1=4830672&ui=5fa61265-0000-0000-0000-000000000000&ti=4402504085114509108&ac=655130&ap=&sr=3&si=284982&cr=6881361&ai=216536&pp=156872&r2=&de=43003&r3=&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&dm=160x600&ci=619621
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.twipu.com&ui=5fa61265-0000-0000-0000-000000000000&ap=&ti=4402504085114509108&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&pp=156872&sr=3&de=43003&si=284982&dm=160x600&ac=655130&cr=6881361&ai=216536&c1=4830672&r1=185.236.201.0&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 May 2020 01:26:14 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/4.66.0/ Frame 1FD7 115 KB
34 KB 93ms
91ms Script
application/javascript 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/4.66.0/main.js
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.twipu.com&ui=5fa61265-0000-0000-0000-000000000000&ap=&ti=4402504085114509108&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&pp=156872&sr=3&de=43003&si=284982&dm=160x600&ac=655130&cr=6881361&ai=216536&c1=4830672&r1=185.236.201.0&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4b9109ddc6e4b2a7aeb24404d525e2f6844c6f7c1b7e2c66d9cd38319347136f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:14 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, no-transform, immutable, max-age=9999999
Timing-Allow-Origin: *
Content-Length: 34375
Expires: Fri, 01 Jan 2038 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 1FD7 43 B
480 B 50ms
48ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x21 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:15 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x21
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:05 GMT

GET
H2 204 EObRcP5rssQE1rpRsq8Q0zXHBzcZTSSJ-q1osh4WMZJEsMGeerGas6XeaSCrHqCtpN8T_gty7BM0E_6ivmTFVwh_OEmyXbj-gbwhyqVpls8B2nZgBDiKAeF1mx0BqdM5w82jfaeGqLi_jZdXF0fzifpTHNQWXd_06xIEnA9ujhh9Kw7obNurTxVINiuCkgSKuBeEf...
r.adport.io/i/ic/ Frame 4D8D 0
188 B 130ms
129ms Image
text/plain 104.22.19.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r.adport.io/i/ic/EObRcP5rssQE1rpRsq8Q0zXHBzcZTSSJ-q1osh4WMZJEsMGeerGas6XeaSCrHqCtpN8T_gty7BM0E_6ivmTFVwh_OEmyXbj-gbwhyqVpls8B2nZgBDiKAeF1mx0BqdM5w82jfaeGqLi_jZdXF0fzifpTHNQWXd_06xIEnA9ujhh9Kw7obNurTxVINiuCkgSKuBeEfBcqXQJFeDLHiuPkccKO_4mg1g6HCcAN6PR2zT7MVNn2XA6ub8IFFDZBL0NiPEkwvru-IxyfcMqrBM-1drQTw5EU3gM2QqkEEme_ZrjUOA7zrbGdbCcHNKWxhdlNKwouaMkUTxm-4_7d0c-opScSUZhURlLND5w

Requested by

Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=825675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.19.89 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 204
access-control-allow-origin: *
cf-ray: 58eee978ec4fd8ed-AMS
cf-request-id: 0289303f900000d8edb08d4200000001

GET
DATA 200
OK truncated
/ Frame 4D8D 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4D8D 795 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK request.php Show response
hal90002.redintelligence.net/ Frame 765E 2 KB
1 KB 1223ms
88ms Script
application/x-javascript 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=045715bbc1&subid=&uid=1048580666ddbf38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402202267025200948%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=7477483750784&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/5w5xilzgs0lt?subid=&rnd=4402202267025200948&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402202267025200948%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: d40e4127f4811d2e31e3b90856b9acaa7e7489447b1422984dac68c07f2b2782

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:16 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 84075300014879201060214011221002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 822
Expires: Wed, 06 May 2020 02:26:16 +0200

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame C7C6 0
0 361ms
36ms Document
text/html 2.18.232.109
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements319.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-109.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Last-Modified: Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges: bytes
ETag: "0ba3b8f4cdcf1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3877
Date: Wed, 06 May 2020 01:26:15 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 0E2E 3 KB
2 KB 1118ms
33ms Script
text/javascript 213.254.244.12
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DEH%3AAF%5D4%40%3ETauz%3A%60%60(%3A%3F5%40HDU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DEH%3AAF%5D4%40%3ETar23%40FETbpTauTauU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=https:&uid=1588728375290380&jsCallback=dvCallback_1588728375290596&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F81.0.4044.129%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=319&lvvn=28&m1=13&refD=1&referrer=about%3Ablank&fwc=0&fcl=487&flt=0&fec=1597&fcifrms=7&brh=2&dvp_epl=154&noc=16&ctx=499507&cmp=DV119194&sid=17306&plc=sampletag&adsrv=0&advid=3819603&turl=http%3A//www.twipu.com&DVP_IS_SAMPLE=1&DVP_PP_REP=1&DVP_IQM_ID=10&DVP_DV_TT=1&DVP_DV_CT=1&DVP_MM_1=216536&DVP_MM_2=655130&DVP_MM_3=4830672&DVP_MM_4=6881361&DVP_MM_5=pub&DVP_MM_6=3&DVP_MM_7=156872&DVP_MM_8=284982&DVPX_PP_IMP_ID=4402504085114509108&dvp_tuid=907316495857
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements319.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.12 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 77e36c88f89b2aee80a90f2c098ca615eb8cb1a43ead39ffb6b26dd0f9425796

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:15 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 5/5/2020 1:26:16 AM

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/ Frame 1FD7 2 B
159 B 50ms
49ms XHR
text/plain 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/postback?di=http%3A%2F%2Fwww.twipu.com&r1=185.236.201.0&dt=6196211556140246740000&pd=avt&c1=4830672&ui=5fa61265-0000-0000-0000-000000000000&ti=4402504085114509108&ac=655130&ap=&sr=3&si=284982&cr=6881361&ai=216536&pp=156872&r2=&de=43003&r3=&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&dm=160x600&ci=619621&oz_tc=aDDK1pmfEAb1KsFo&oz_sc=934faeb525503b8411397dbe&oz_st=1588728375156&oz_v=4.66.0&dp=www.twipu.com&oz_df=260&oz_l=5101&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/4.66.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 May 2020 01:26:14 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/ Frame 1FD7 2 B
159 B 99ms
49ms XHR
text/plain 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/postback?oz_pl=1&di=http%3A%2F%2Fwww.twipu.com&r1=185.236.201.0&dt=6196211556140246740000&pd=avt&c1=4830672&ui=5fa61265-0000-0000-0000-000000000000&ti=4402504085114509108&ac=655130&ap=&sr=3&si=284982&cr=6881361&ai=216536&pp=156872&r2=&de=43003&r3=&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&dm=160x600&ci=619621
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//www.twipu.com&ui=5fa61265-0000-0000-0000-000000000000&ap=&ti=4402504085114509108&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&pp=156872&sr=3&de=43003&si=284982&dm=160x600&ac=655130&cr=6881361&ai=216536&c1=4830672&r1=185.236.201.0&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 May 2020 01:26:14 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK Cookie set cshow.php
www.awin1.com/ Frame 4200 0
0 56ms
56ms Document
image/gif 104.111.239.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2347560&v=14114&q=358322&r=414915&pref1=84075300014879201060214011221002&pv=1

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=045715bbc1&subid=&uid=1048580666ddbf38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402202267025200948%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=7477483750784&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.246 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-246.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Host: www.awin1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AWSESS=346449:2246541; awpv11482=414915|1588728375|940d1f90-8f38-11ea-80d2-692d035208c1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Content-Type: image/gif
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Content-Length: 43
Date: Wed, 06 May 2020 01:26:16 GMT
Connection: keep-alive
Set-Cookie: awpv14114=414915|1588728376|94bfcdc0-8f38-11ea-8c72-692d08c3400c;domain=.awin1.com;path=/;expires=Friday, 05-Jun-2020 01:26:16 UTC;Secure;SameSite=None AWSESS=358322:2347560;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1

200
OK

Cookie set index.html
www.elitepartner.ch/cms_lp/16/u/ht/ Frame BF4A
Redirect Chain

https://www.awin1.com/cshow.php?s=2520058&v=9306&q=377095&r=414915&pref1=84075300014879201060214011221002&pv=1
https://trf.greatviews.de/cl?m315=c&q=Grv3XWaQiME2c3i18P5mgkhg&pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1588728376_94c1c990-8f38-11ea-80d2-692d035208c1ID_GV00ID
https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1588728376_94c1c990-8f38-11ea-80d2-692d035208c1ID_GV1588728376.5564004.94df87a0-8f38-11e...

0
0

68ms
30ms

Document
text/html

2606:4700::6813:fb79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1588728376_94c1c990-8f38-11ea-80d2-692d035208c1ID_GV1588728376.5564004.94df87a0-8f38-11ea-a5b1-00155d50a602ID&cj=YToyOntzOjI6ImlkIjtzOjM4OiJjajk0ZGZjYWU0LThmMzgtMTFlYS1hNWIxLTAwMTU1ZDUwYTYwMiI7czo2OiJleHBpcmUiO2k6MTY1MTgwMDM3Njt9

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:fb79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Host: www.elitepartner.ch
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d10a1c10f11dbd022721eafea81760bc01588728376; expires=Fri, 05-Jun-20 01:26:16 GMT; path=/; domain=.www.elitepartner.ch; HttpOnly; SameSite=Lax; Secure __cf_bm=44e4838928dd27b0f2e676cdcd4c15f5b7adddb8-1588728376-1800-ATbvlij+SHhc4+g1JblnIqpLVOPwIeU3aPi/X4V6CTw7VYj7PaxGPowEjJn1hY3UdPH//0yGmhks1OAVgyGWNN0=; path=/; expires=Wed, 06-May-20 01:56:16 GMT; domain=.www.elitepartner.ch; HttpOnly; Secure; SameSite=None
Last-Modified: Wed, 09 May 2018 08:40:16 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=15552000
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 58eee982eaf4074a-FRA
Content-Encoding: gzip
cf-request-id: 02893045d20000074a8ca67200000001

Redirect headers

Server: nginx
Date: Wed, 06 May 2020 01:26:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: ads_si=a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%2294df8a34-8f38-11ea-a5b1-00155d50a602%22%3Bs%3A3%3A%22sit%22%3Bi%3A1588814776%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D; path=/ cjcookie=a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj94dfcae4-8f38-11ea-a5b1-00155d50a602%22%3Bs%3A6%3A%22expire%22%3Bi%3A1651800376%3B%7D; expires=Fri, 06-May-2022 01:26:16 GMT; Max-Age=63072000; path=/ mcookie=a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%2294df8994-8f38-11ea-a5b1-00155d50a602%22%3Bs%3A11%3A%22click_13264%22%3Bs%3A57%3A%221588728376%25%255564004%25%2594df87a0-8f38-11ea-a5b1-00155d50a602%22%3Bs%3A6%3A%22expire%22%3Bi%3A1604280376%3B%7D; expires=Mon, 02-Nov-2020 01:26:16 GMT; Max-Age=15552000; path=/ ads_pu=a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1589333176%3B%7D; expires=Wed, 13-May-2020 01:26:16 GMT; Max-Age=604800; path=/ ads_ps=a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D; path=/
P3P: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
Location: https://www.elitepartner.ch/cms_lp/16/u/ht/index.html?pscode=03_120_60078_0001_0001_0001_empty_AF9306_414915_1588728376_94c1c990-8f38-11ea-80d2-692d035208c1ID_GV1588728376.5564004.94df87a0-8f38-11ea-a5b1-00155d50a602ID&cj=YToyOntzOjI6ImlkIjtzOjM4OiJjajk0ZGZjYWU0LThmMzgtMTFlYS1hNWIxLTAwMTU1ZDUwYTYwMiI7czo2OiJleHBpcmUiO2k6MTY1MTgwMDM3Njt9
Server-ID: 12
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK request_content.php
hal90002.redintelligence.net/ Frame 5CE5 0
0 95ms
32ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=84075300014879201060214011221002&a=21db9a49
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=5w5xilzgs0lt&nw=20&renderingType=javascript&namespace=045715bbc1&subid=&uid=1048580666ddbf38&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402202267025200948%26mt_id%3D6881367%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=7477483750784&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal90002.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=1e0072f0bc5c9754
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 06 May 2020 02:26:16 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1941
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2

200

1x1.gif
www.adtracker.ch/upload/ Frame 765E
Redirect Chain

https://cct.connects.ch/tpv.php?t=116827V1485146143M&subid=84075300014879201060214011221002&pv=1
https://www.adtracker.ch/upload/1x1.gif?x=1&lea_source=2020050603261630758152857X116827V1485146143MS84075300014879201060214011221002&utm_source=affil&utm_medium=NNNNN

42 B
156 B

117ms
23ms

Image
image/gif

5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adtracker.ch/upload/1x1.gif?x=1&lea_source=2020050603261630758152857X116827V1485146143MS84075300014879201060214011221002&utm_source=affil&utm_medium=NNNNN
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 , Switzerland, ASN29691 (NINE, CH),
Reverse DNS: adresult08.nine.ch
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:16 GMT
last-modified: Tue, 10 Jul 2018 10:21:41 GMT
server: Apache
etag: "2a-570a27efbd740"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 42

Redirect headers

status: 302
date: Wed, 06 May 2020 01:26:16 GMT
x-content-type-options: nosniff
server: nginx
location: https://www.adtracker.ch/upload/1x1.gif?x=1&lea_source=2020050603261630758152857X116827V1485146143MS84075300014879201060214011221002&utm_source=affil&utm_medium=NNNNN
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame BC76 0
0 44ms
43ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=1ADB7095-23BF-4370-96D0-4767A8530773; DPSync3=1588809600%3A174%7C1589932800%3A201_197_219; KRTBCOOKIE_80=16514-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22987-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22995-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&23025-CAESEEYEcmzRYQV_lujImAo6mxI; PUBMDCID=3; KRTBCOOKIE_153=19420-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g&KRTB&22979-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_27=16735-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce&KRTB&16736-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce; KRTBCOOKIE_336=5844-2337321481033031330; KRTBCOOKIE_22=14911-4333079171146555114&KRTB&23150-4333079171146555114; KRTBCOOKIE_377=22918-32a84470-403b-4691-adb1-6ccbdd732a99&KRTB&23031-32a84470-403b-4691-adb1-6ccbdd732a99; KRTBCOOKIE_1074=22956-e_12212964-d8bc-4fea-9785-17370ac4ad2d; KRTBCOOKIE_391=22924-7144396918788690709; KRTBCOOKIE_218=22922-XrISNAAAAFNMyVvC&KRTB&22978-XrISNAAAAFNMyVvC&KRTB&23194-XrISNAAAAFNMyVvC&KRTB&23209-XrISNAAAAFNMyVvC; KRTBCOOKIE_409=22966-bSslokYfohjNbUpp2cUJUwOW&KRTB&23212-bSslokYfohjNbUpp2cUJUwOW; SPugT=1588728374; KCCH=YES; pi=156872:4; chkChromeAb67Sec=2; SyncRTB3=1589587200%3A63%7C1593907200%3A69%7C1591315200%3A203%7C1590019200%3A35%7C1589932800%3A194_81_189_170_218_92_195_104_3_99_13_54_176_21_52_56_78_88_166_5_205_7_22_161_71_8_55%7C1589328000%3A15_67_2; KRTBCOOKIE_1101=23040-6823536412864477326; KRTBCOOKIE_279=22890-9465c74f-8f38-11ea-83cf-a1688bc1fbaa; PugT=1588728376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=170230
Expires: Fri, 08 May 2020 00:43:26 GMT
Date: Wed, 06 May 2020 01:26:16 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 9487 0
0 37ms
36ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373832&adType=10&adServerId=243&kefact=0.021647&kaxefact=0.021647&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1588728372&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.030924&dcId=2&tldId=58508322&passback=0&svr=BIDVA129&ekefact=NBKyXnzLCgA18Sgc8mAoqCLl5qUchI38VQsFR089qHaeXYLU&ekaxefact=NBKyXovLCgAS5OGUyOonJmen7m5yrV9f_JDt_hABNF8K0Lc2&ekpbmtpfact=NBKyXpzLCgCZEtGgCPllLoJir53nrFU-DEhPQ2r38q6IdoTn&enpp=NBKyXrDLCgBTIPoEhh3byYVBcJysZPDOd1ChCqBJt5thQE_9&crID=6881367&lpu=soberberlin.com&ucrid=14222794932046070304&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=0&wrId=0&wAdvID=985929&wDspCampId=655130&isRTB=1&rtbId=24CF5673-5A4E-4AEA-AA99-A5DE694B4589&imprId=90C4D537-A421-49BB-8137-3F5BFC7DB8F7&oid=90C4D537-A421-49BB-8137-3F5BFC7DB8F7&country=CH&cntryId=45&domain=twipu.com&pageURL=www.twipu.com&sec=1
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=1ADB7095-23BF-4370-96D0-4767A8530773; DPSync3=1588809600%3A174%7C1589932800%3A201_197_219; KRTBCOOKIE_80=16514-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22987-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22995-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&23025-CAESEEYEcmzRYQV_lujImAo6mxI; PUBMDCID=3; KRTBCOOKIE_153=19420-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g&KRTB&22979-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_27=16735-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce&KRTB&16736-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce; KRTBCOOKIE_336=5844-2337321481033031330; KRTBCOOKIE_22=14911-4333079171146555114&KRTB&23150-4333079171146555114; KRTBCOOKIE_377=22918-32a84470-403b-4691-adb1-6ccbdd732a99&KRTB&23031-32a84470-403b-4691-adb1-6ccbdd732a99; KRTBCOOKIE_1074=22956-e_12212964-d8bc-4fea-9785-17370ac4ad2d; KRTBCOOKIE_391=22924-7144396918788690709; KRTBCOOKIE_218=22922-XrISNAAAAFNMyVvC&KRTB&22978-XrISNAAAAFNMyVvC&KRTB&23194-XrISNAAAAFNMyVvC&KRTB&23209-XrISNAAAAFNMyVvC; KRTBCOOKIE_409=22966-bSslokYfohjNbUpp2cUJUwOW&KRTB&23212-bSslokYfohjNbUpp2cUJUwOW; SPugT=1588728374; pi=156872:4; chkChromeAb67Sec=2; SyncRTB3=1589587200%3A63%7C1593907200%3A69%7C1591315200%3A203%7C1590019200%3A35%7C1589932800%3A194_81_189_170_218_92_195_104_3_99_13_54_176_21_52_56_78_88_166_5_205_7_22_161_71_8_55%7C1589328000%3A15_67_2; KRTBCOOKIE_1101=23040-6823536412864477326; KRTBCOOKIE_279=22890-9465c74f-8f38-11ea-83cf-a1688bc1fbaa; PugT=1588728376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: text/html
Content-Length: 0
Date: Wed, 06 May 2020 01:26:16 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 765E 43 B
480 B 51ms
51ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x16 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:16 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:06 GMT

GET
H2

200

9ea5ab1b1ff64b65d6102658de94bf609c1967490bfc8f13e0c0e717a96f51b8.jpeg
www.ssaimg.com/~sW0AQ7HgCEc/ Frame 4D8D
Redirect Chain

https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=5uUe7hOHc0L3xmimFIykq1t248FJq917Hy1WQF77YQpaqXR6F6EdvtUK5iYgal7gSuRaX5fYRrZudNzrAm_O0AIncVozaG4pq_le7J2uKvw3RBef58pfP2J4GeXt97A4LUINRSQ97Y_rgU...
https://www.ssaimg.com/~sW0AQ7HgCEc/9ea5ab1b1ff64b65d6102658de94bf609c1967490bfc8f13e0c0e717a96f51b8.jpeg

4 KB
4 KB

152ms
40ms

Image
image/jpeg

94.31.29.131
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ssaimg.com/~sW0AQ7HgCEc/9ea5ab1b1ff64b65d6102658de94bf609c1967490bfc8f13e0c0e717a96f51b8.jpeg
Requested by: Host: www.twipu.com
URL: https://www.twipu.com/Ki11Windows
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.131 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.131.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9ea5ab1b1ff64b65d6102658de94bf609c1967490bfc8f13e0c0e717a96f51b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

date: Wed, 06 May 2020 01:26:17 GMT
last-modified: Mon, 04 May 2020 19:57:59 GMT
server: NetDNA-cache/2.2
etag: "5eb073c7-ed1"
x-cache: HIT
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 3793

Redirect headers

status: 302
date: Wed, 06 May 2020 01:26:17 GMT
server: nginx
access-control-allow-origin: *
content-length: 0
location: https://www.ssaimg.com/~sW0AQ7HgCEc/9ea5ab1b1ff64b65d6102658de94bf609c1967490bfc8f13e0c0e717a96f51b8.jpeg
access-control-allow-methods: POST

GET
H/1.1 200
OK request.php Show response
hal90007.redintelligence.net/ Frame 4E3C 2 KB
1 KB 108ms
99ms Script
application/x-javascript 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=1a8b6f3739&subid=&uid=65d8c7ec36c238ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402212428917823284%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=8289487341262&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/v0ze6hqos4es?subid=&rnd=4402212428917823284&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402212428917823284%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2cda2218de56ed0f6da39ab91e9dd65a20c16649ef6f4fe0cda32262cf08aefd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 45779700019930801060216011221007
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 712
Expires: Wed, 06 May 2020 02:26:17 +0200

GET
H/1.1 200
OK request_content.php
hal90007.redintelligence.net/ Frame D814 0
0 82ms
33ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=45779700019930801060216011221007&a=00e927b3
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=1a8b6f3739&subid=&uid=65d8c7ec36c238ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4402212428917823284%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_uuid%3D59fe5eb2-1234-4800-9c2b-6aaabf6685eb%26mt_3pck%3D%24%257BPUBMATIC_CLICK_TRACKING_URL%257D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.twipu.com%2FKi11Windows&ancestorOrigins=https%3A%2F%2Fwww.twipu.com&random=8289487341262&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal90007.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=1e0072f0bc5c9754
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 06 May 2020 02:26:17 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1319
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 tpv.php
cct.connects.ch/ Frame 4E3C 0
0 50ms
49ms Image
text/html 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cct.connects.ch/tpv.php?t=116827V1625148067F&subid=45779700019930801060216011221007
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame F253 0
0 43ms
43ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=1ADB7095-23BF-4370-96D0-4767A8530773; DPSync3=1588809600%3A174%7C1589932800%3A201_197_219; KRTBCOOKIE_80=16514-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22987-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22995-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&23025-CAESEEYEcmzRYQV_lujImAo6mxI; PUBMDCID=3; KRTBCOOKIE_153=19420-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g&KRTB&22979-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_27=16735-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce&KRTB&16736-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce; KRTBCOOKIE_336=5844-2337321481033031330; KRTBCOOKIE_22=14911-4333079171146555114&KRTB&23150-4333079171146555114; KRTBCOOKIE_377=22918-32a84470-403b-4691-adb1-6ccbdd732a99&KRTB&23031-32a84470-403b-4691-adb1-6ccbdd732a99; KRTBCOOKIE_1074=22956-e_12212964-d8bc-4fea-9785-17370ac4ad2d; KRTBCOOKIE_391=22924-7144396918788690709; KRTBCOOKIE_218=22922-XrISNAAAAFNMyVvC&KRTB&22978-XrISNAAAAFNMyVvC&KRTB&23194-XrISNAAAAFNMyVvC&KRTB&23209-XrISNAAAAFNMyVvC; KRTBCOOKIE_409=22966-bSslokYfohjNbUpp2cUJUwOW&KRTB&23212-bSslokYfohjNbUpp2cUJUwOW; pi=156872:4; chkChromeAb67Sec=2; SyncRTB3=1589587200%3A63%7C1593907200%3A69%7C1591315200%3A203%7C1590019200%3A35%7C1589932800%3A194_81_189_170_218_92_195_104_3_99_13_54_176_21_52_56_78_88_166_5_205_7_22_161_71_8_55%7C1589328000%3A15_67_2; KRTBCOOKIE_1101=23040-6823536412864477326; KRTBCOOKIE_279=22890-9465c74f-8f38-11ea-83cf-a1688bc1fbaa; SPugT=1588728377; KRTBCOOKIE_699=22727-AAI_ZE69ZCQAAG8VE_bzug&KRTB&22744-AAI_ZE69ZCQAAG8VE_bzug; PugT=1588728377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=170229
Expires: Fri, 08 May 2020 00:43:26 GMT
Date: Wed, 06 May 2020 01:26:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame 0227 0
0 37ms
37ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156872&siteId=284982&adId=1373834&adType=10&adServerId=243&kefact=0.020475&kaxefact=0.020475&kadNetFrequecy=0&kadwidth=160&kadheight=600&kadsizeid=10&kltstamp=1588728372&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.029249&dcId=2&tldId=58508322&passback=0&svr=BIDVA179&ekefact=NBKyXs7nCgCKmB_JeB2mHjNXG6QkwgG94phKDgfEKhNBQhkv&ekaxefact=NBKyXuDnCgDYBizPcItvYdCk-zFW5VMmkBuvFlJ4BGOWCIYt&ekpbmtpfact=NBKyXvDnCgD4n4TLgdT7LCTj872ICZVv33flZscZGW95M-IH&enpp=NBKyXgDoCgCbePCDbINlHNrQ8UU42qN6p2_6zuY28A2weEkO&crID=6881361&lpu=soberberlin.com&ucrid=14432316779050365902&campaignId=16735&creativeId=0&pctr=0.000000&wDSPByrId=101936&wDspId=27&wbId=1&wrId=0&wAdvID=985929&wDspCampId=655130&isRTB=1&rtbId=B20F0D63-5E6D-48A1-98FB-B52C0CABBC7F&imprId=38C70866-3B50-4E5E-87EB-2771C8E185CE&oid=38C70866-3B50-4E5E-87EB-2771C8E185CE&country=CH&cntryId=45&domain=twipu.com&pageURL=www.twipu.com&sec=1
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: aktrack.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=1ADB7095-23BF-4370-96D0-4767A8530773; DPSync3=1588809600%3A174%7C1589932800%3A201_197_219; KRTBCOOKIE_80=16514-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22987-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&22995-CAESEEYEcmzRYQV_lujImAo6mxI&KRTB&23025-CAESEEYEcmzRYQV_lujImAo6mxI; PUBMDCID=3; KRTBCOOKIE_153=19420-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g&KRTB&22979-jqqHEIr91haW-YMbivnIFY361BuW-dEUjPyOt_0g; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_27=16735-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce&KRTB&16736-uid:01065eb2-1234-4e00-b2cf-9d6a06fff4ce; KRTBCOOKIE_336=5844-2337321481033031330; KRTBCOOKIE_22=14911-4333079171146555114&KRTB&23150-4333079171146555114; KRTBCOOKIE_377=22918-32a84470-403b-4691-adb1-6ccbdd732a99&KRTB&23031-32a84470-403b-4691-adb1-6ccbdd732a99; KRTBCOOKIE_1074=22956-e_12212964-d8bc-4fea-9785-17370ac4ad2d; KRTBCOOKIE_391=22924-7144396918788690709; KRTBCOOKIE_218=22922-XrISNAAAAFNMyVvC&KRTB&22978-XrISNAAAAFNMyVvC&KRTB&23194-XrISNAAAAFNMyVvC&KRTB&23209-XrISNAAAAFNMyVvC; KRTBCOOKIE_409=22966-bSslokYfohjNbUpp2cUJUwOW&KRTB&23212-bSslokYfohjNbUpp2cUJUwOW; pi=156872:4; chkChromeAb67Sec=2; SyncRTB3=1589587200%3A63%7C1593907200%3A69%7C1591315200%3A203%7C1590019200%3A35%7C1589932800%3A194_81_189_170_218_92_195_104_3_99_13_54_176_21_52_56_78_88_166_5_205_7_22_161_71_8_55%7C1589328000%3A15_67_2; KRTBCOOKIE_1101=23040-6823536412864477326; KRTBCOOKIE_279=22890-9465c74f-8f38-11ea-83cf-a1688bc1fbaa; SPugT=1588728377; KRTBCOOKIE_699=22727-AAI_ZE69ZCQAAG8VE_bzug&KRTB&22744-AAI_ZE69ZCQAAG8VE_bzug; PugT=1588728377
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Type: text/html
Content-Length: 0
Date: Wed, 06 May 2020 01:26:17 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 4E3C 43 B
480 B 51ms
50ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x16 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:17 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:07 GMT

POST
H/1.1 200
OK event.png
tps20238.doubleverify.com/ Frame 0E2E 67 B
486 B 94ms
31ms Other
image/png 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20238.doubleverify.com/event.png?impid=b1fc2163c4614f1283edab1c8272a9a7&msrjs=319&eoid=5&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&dvp_esdtms=3211&cbust=1588728378472955
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements319.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:18 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.twipu.com
Cache-Control: max-age=0
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Expires: 5/5/2020 1:26:18 AM

POST
H/1.1 200
OK event.png
tps20238.doubleverify.com/ Frame 0E2E 67 B
486 B 31ms
31ms Other
image/png 213.254.244.22
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20238.doubleverify.com/event.png?impid=b1fc2163c4614f1283edab1c8272a9a7&msrcanlm=904&msrcannum=3&eoid=8&ismms=107&isumms=106&isvelg=1&nvr=6&isbxdms=3307&b11=3303&adhgt=600&adwdth=160&norwdth=160&norhgt=600&engisel=1&vsos=5&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3303&sftb=3303&msrdp=1&naral=640&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=1006&isuiabvms=1006&ispmxpms=1006&engalms=104&dvp_hdnAd=2008&dvp_dpr=1&dvp_ltspl=7384&dvp_esdtms=4211&cbust=1588728379472703
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements319.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.22 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 06 May 2020 01:26:18 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.twipu.com
Cache-Control: max-age=0
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Expires: 5/5/2020 1:26:19 AM

GET
BLOB 200
OK 85de695a-259f-434c-acde-9b86df893039
https://www.twipu.com/ Frame 1FD7 476 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.twipu.com/85de695a-259f-434c-acde-9b86df893039
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/4.66.0/main.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e811b97dc60cf37a74f0bffee4222c2697e409c2cc78548e47b3384926c4338

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Content-Length: 476

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/ Frame 1FD7 2 B
159 B 79ms
78ms XHR
text/plain 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/postback?di=http%3A%2F%2Fwww.twipu.com&r1=185.236.201.0&dt=6196211556140246740000&pd=avt&c1=4830672&ui=5fa61265-0000-0000-0000-000000000000&ti=4402504085114509108&ac=655130&ap=&sr=3&si=284982&cr=6881361&ai=216536&pp=156872&r2=&de=43003&r3=&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&dm=160x600&ci=619621&oz_tc=aDDK1pmfEAb1KsFo&oz_sc=934faeb525503b8411397dbe&oz_st=1588728375156&oz_v=4.66.0&dp=www.twipu.com&oz_df=5015&oz_l=4876&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/4.66.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 May 2020 01:26:19 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/ Frame 1FD7 2 B
159 B 49ms
49ms XHR
text/plain 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/postback?di=http%3A%2F%2Fwww.twipu.com&r1=185.236.201.0&dt=6196211556140246740000&pd=avt&c1=4830672&ui=5fa61265-0000-0000-0000-000000000000&ti=4402504085114509108&ac=655130&ap=&sr=3&si=284982&cr=6881361&ai=216536&pp=156872&r2=&de=43003&r3=&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&dm=160x600&ci=619621&oz_tc=aDDK1pmfEAb1KsFo&oz_sc=934faeb525503b8411397dbe&oz_st=1588728375156&oz_v=4.66.0&dp=www.twipu.com&oz_df=5116&oz_l=62&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/4.66.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 May 2020 01:26:19 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/ Frame 1FD7 2 B
159 B 49ms
49ms XHR
text/plain 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/postback?di=http%3A%2F%2Fwww.twipu.com&r1=185.236.201.0&dt=6196211556140246740000&pd=avt&c1=4830672&ui=5fa61265-0000-0000-0000-000000000000&ti=4402504085114509108&ac=655130&ap=&sr=3&si=284982&cr=6881361&ai=216536&pp=156872&r2=&de=43003&r3=&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&dm=160x600&ci=619621&oz_tc=aDDK1pmfEAb1KsFo&oz_sc=934faeb525503b8411397dbe&oz_st=1588728375156&oz_v=4.66.0&dp=www.twipu.com&oz_df=5216&oz_l=83&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/4.66.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 May 2020 01:26:19 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 2 B
896 B 283ms
282ms XHR
application/json 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUQfSwUmcyZOoh_q-P8ZNr0yfhH6j-V4XYQgoBRkLcjCzpDlkal9c8IYS8nrIPD6SNS8e_f82z86_Z3R

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.twipu.com/Ki11Windows
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 106
date: Wed, 06 May 2020 01:26:21 GMT
x-content-type-options: nosniff
status: 200
x-powered-by: Express
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.twipu.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-edgeconnect-midmile-rtt: 143
paypal-debug-id: f0d9950467df5
dc: phx-origin-www-3.paypal.com
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame FB91 43 B
635 B 48ms
48ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x16 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:25 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:15 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/ Frame 1FD7 2 B
159 B 49ms
49ms XHR
text/plain 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/postback?di=http%3A%2F%2Fwww.twipu.com&r1=185.236.201.0&dt=6196211556140246740000&pd=avt&c1=4830672&ui=5fa61265-0000-0000-0000-000000000000&ti=4402504085114509108&ac=655130&ap=&sr=3&si=284982&cr=6881361&ai=216536&pp=156872&r2=&de=43003&r3=&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&dm=160x600&ci=619621&oz_tc=aDDK1pmfEAb1KsFo&oz_sc=934faeb525503b8411397dbe&oz_st=1588728375156&oz_v=4.66.0&dp=www.twipu.com&oz_df=9916&oz_l=37&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/4.66.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 May 2020 01:26:24 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 1FD7 43 B
635 B 50ms
50ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x21 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:25 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x21
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:15 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/ Frame 1FD7 2 B
159 B 49ms
49ms XHR
text/plain 34.240.212.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/4.66.0/619621/aDDK1pmfEAb1KsFo/postback?di=http%3A%2F%2Fwww.twipu.com&r1=185.236.201.0&dt=6196211556140246740000&pd=avt&c1=4830672&ui=5fa61265-0000-0000-0000-000000000000&ti=4402504085114509108&ac=655130&ap=&sr=3&si=284982&cr=6881361&ai=216536&pp=156872&r2=&de=43003&r3=&pv=88f35d71-6361-4f50-abe5-288b3625b7ae&dm=160x600&ci=619621&oz_tc=aDDK1pmfEAb1KsFo&oz_sc=934faeb525503b8411397dbe&oz_st=1588728375156&oz_v=4.66.0&dp=www.twipu.com&oz_df=10916&oz_l=91&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/4.66.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.212.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-212-15.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 May 2020 01:26:25 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 765E 43 B
489 B 50ms
50ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x15 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:26 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:16 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 4E3C 43 B
635 B 51ms
51ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x20 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36

Response headers

Date: Wed, 06 May 2020 01:26:27 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x20
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 06 May 2020 01:28:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.adport.io
URL: https://r.adport.io/i/ic/EObRcP5rssQE1rpRsq8Q0zXHBzcZTSSJ-q1osh4WMZJEsMGeerGas6XeaSCrHqCtpN8T_gty7BM0E_6ivmTFVwh_OEmyXbj-gbwhyqVpls8B2nZgBDiKAeF1mx0BqdM5w82jfaeGqLi_jZdXF0fzifpTHNQWXd_06xIEnA9ujhh9Kw7obNurTxVINiuCkgSKuBeEfBcqXQJFeDLHiuPkccKO_4mg1g6HCcAN6PR2zT7MVNn2XA6ub8IFFDZBL0NiPEkwvru-IxyfcMqrBM-1drQTw5EU3gM2QqkEEme_ZrjUOA7zrbGdbCcHNKWxhdlNKwouaMkUTxm-4_7d0c-opScSUZhURlLND5w

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-19 10:45:12	Name: uid Value: 3416650741955646448
.tapad.com/	1970-01-19 10:45:12	Name: TapAd_DID Value: 96e5e211-8f38-11ea-8ca2-fee791afb5f9
.simpli.fi/	1970-01-19 18:05:50	Name: suid Value: 97FBBF1C79694239BA8DDA0FC9396234
.yahoo.com/	1970-01-19 18:04:45	Name: A3 Value: d=AQABBDsSsl4CEF3ZrNpdJho9PBIvkBtS3eo&S=AQAAAkVkjlp8qH-Fly_BoJj8l2A
.yahoo.com/	1970-01-19 18:04:45	Name: B Value: elnai3dfb44hr&b=3&s=i9
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_1051 Value: 22884-18072662242121640677
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_699 Value: 22727-AAKzXE69ZCQAAG5PE_bzug&KRTB&22744-AAKzXE69ZCQAAG5PE_bzug
.pubmatic.com/	1970-01-19 11:28:24	Name: KRTBCOOKIE_218 Value: 22922-XrISPAAAALWSuAFU&KRTB&22978-XrISPAAAALWSuAFU&KRTB&23194-XrISPAAAALWSuAFU&KRTB&23209-XrISPAAAALWSuAFU
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_22 Value: 14911-9016918624810267442&KRTB&23150-9016918624810267442
.pubmatic.com/	1970-01-19 13:38:00	Name: KRTBCOOKIE_188 Value: 3189-0b7bb0de-19fe-44c1-82c9-ed4220b59992-5eb2123b-4348&KRTB&22716-0b7bb0de-19fe-44c1-82c9-ed4220b59992-5eb2123b-4348
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_1074 Value: 22956-e_859f6d4e-71ca-4b3d-b24a-2c7591d8c09f
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_391 Value: 22924-3416650741955646448
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_1101 Value: 23040-6823536430042380430
.pubmatic.com/	1970-01-19 11:28:24	Name: KRTBCOOKIE_377 Value: 22918-effb221d-e123-499f-9113-9cbcb1d18ced&KRTB&23031-effb221d-e123-499f-9113-9cbcb1d18ced
.pubmatic.com/	1970-01-19 10:02:00	Name: PugT Value: 1588728380
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_27 Value: 16735-uid:e8005eb2-123b-4e00-9544-f77eafb2e108&KRTB&16736-uid:e8005eb2-123b-4e00-9544-f77eafb2e108
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_409 Value: 22966-bSslokYfohjNbUpp2cUJUwOW&KRTB&23212-bSslokYfohjNbUpp2cUJUwOW
.pubmatic.com/	1970-01-19 11:28:24	Name: KRTBCOOKIE_80 Value: 16514-CAESEOxY2cHp80jMCXh2cIA0HAY&KRTB&22987-CAESEOxY2cHp80jMCXh2cIA0HAY&KRTB&22995-CAESEOxY2cHp80jMCXh2cIA0HAY&KRTB&23025-CAESEOxY2cHp80jMCXh2cIA0HAY
.pubmatic.com/	1970-01-19 11:28:24	Name: SyncRTB3 Value: 1590019200%3A35%7C1589932800%3A71_170_7_205_78_56_3_8_176_218_21_54_13_195_194_88_99_92_189_22_81_161_166_55%7C1589328000%3A67_2_15%7C1589587200%3A63%7C1591315200%3A203
.pubmatic.com/	1970-01-19 11:28:24	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 11:28:24	Name: KRTBCOOKIE_594 Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.simpli.fi/	1970-01-19 18:05:50	Name: suid_legacy Value: 97FBBF1C79694239BA8DDA0FC9396234
.pubmatic.com/	1970-01-19 11:28:24	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_466 Value: 16530-a70a396b-6cb3-4c80-9bd8-4fd825e30037&KRTB&16532-a70a396b-6cb3-4c80-9bd8-4fd825e30037
.tapad.com/	1970-01-19 10:45:12	Name: TapAd_TS Value: 1588728380081
.pubmatic.com/	1970-01-19 11:28:24	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-19 11:28:24	Name: KRTBCOOKIE_153 Value: 19420-vvQDA7qjUlOm81dTsqFMALjzVQKmoVQEvaUf7byb&KRTB&22979-vvQDA7qjUlOm81dTsqFMALjzVQKmoVQEvaUf7byb
.pubmatic.com/	1970-01-19 10:02:00	Name: KRTBCOOKIE_336 Value: 5844-3302423442690294508
.pubmatic.com/	1970-01-19 11:28:24	Name: KADUSERCOOKIE Value: 20222E6D-1AF4-4FCD-B4DD-0C2CF54E1250
.pubmatic.com/	1970-01-19 09:20:14	Name: pi Value: 156872:4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
aktrack.pubmatic.com
api-public.addthis.com
cct.connects.ch
cdn.doubleverify.com
cdn3.doubleverify.com
chairwaydenew.site
cm.g.doubleclick.net
d141wsrw9m4as6.cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
graph.facebook.com
hal9000.redintelligence.net
hal90002.redintelligence.net
hal90007.redintelligence.net
herepackagine.info
imasdk.googleapis.com
ngp1.intnotif.club
pbs.twimg.com
pixel.mathtag.com
r.adport.io
resources.infolinks.com
router.infolinks.com
rt5003.infolinks.com
s.update.mediamathtag.com
s7.addthis.com
stags.bluekai.com
symphoneupcom.site
sync.mathtag.com
t.paypal.com
tags.mathtag.com
tps.doubleverify.com
tps20238.doubleverify.com
trf.greatviews.de
v1.addthisedge.com
widgets.pinterest.com
www.adtracker.ch
www.awin1.com
www.conrad.ch
www.elitepartner.ch
www.google-analytics.com
www.paypal.com
www.ssaimg.com
www.twipu.com
www.zenaps.com
z.moatads.com
r.adport.io
104.111.239.246
104.16.107.146
104.16.107.202
104.16.108.112
104.22.19.89
104.22.2.144
104.22.3.144
108.168.193.183
138.201.63.157
151.101.12.84
157.230.205.23
172.217.21.226
185.29.135.181
185.29.135.227
2.18.232.109
2.18.233.180
2.18.233.201
2.18.235.40
213.254.244.12
213.254.244.22
23.210.248.44
23.45.237.36
23.45.98.207
2600:9000:2016:c600:17:a95a:6580:21
2600:9000:2016:d600:1a:a6:7f00:21
2606:2800:134:1a0d:1429:742:782:b6
2606:4700::6810:f2f1
2606:4700::6813:fb79
2a00:1450:4001:809::200e
2a00:1450:4001:820::200a
2a03:2880:f02d:e:face:b00c:0:2
34.240.212.15
46.4.10.47
46.4.10.49
5.148.168.135
72.246.168.118
84.200.5.215
85.239.105.10
94.31.29.131
02e5ab4e3504c9ebf258f5c4e65b9f495f1f57dc453c364d1fda1fb60847681e
038b993f0a982d7dc7739b0f1a9d933df821f866266ad23ad60dd36c47dd86b3
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12aa75eacc1abde327ceb409854d2d4b954f28df772dc8ba640289ae48786fd2
1456f910be0b6e8a48377dcf08a45af4e8e53ce3d5c9957b807f7fc770fca746
14a913b3fc4682c3e42c66c08aa67bf4671e946c5666a363d27d4bd2ce96c404
16ed3524b272cc90a215114d01159009c52cff335f5e0215fe21a66cea7a3ef0
16f1b3eaa753d4a8e925b5b2460fb179ad7daa142feb1abffdc86fd435e968bf
1838d43b9b1c5d215cc0d5f58fd0d54aa55eb8af10f777c89d5efbf7a0a832a8
1a1108324dfaefc8bd3930a14c8a61f2dd83a5d50c899442378b6e2f8fee9257
1c4d9a1f9adcce395f88b5a8fa6779a48858f7aecc395e004e5ae3b3b0e8af13
1c6c85d77a976ac4680d6f3cf5b6063af2d27c856fb9e8852d1687b230064294
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b
25f6b1f852964d2b70cbfa89d8e6c80a2db66986b78452c37e595655b327a4a5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a08ede4f5f6e614a03544d8641b61097d32871ab8bdd0f8932a3a1501c20b9f
2cda2218de56ed0f6da39ab91e9dd65a20c16649ef6f4fe0cda32262cf08aefd
2e00b7615a6ea88392e148962afb76ba9035583dcafb69151e10644ef74b166a
3489e6b40b60e82a90319b27d553c3acc3ba371bb8ebdfcfd7132e663162f5cf
364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659
3a3117f4e927821bf1243fbb1f3041ff37841e1d3f6f1273205403ad35b454fd
3e070e0adc850a205afe3244bb2408d880502d3d8f9cd00d93e7439785d05b2d
3e811b97dc60cf37a74f0bffee4222c2697e409c2cc78548e47b3384926c4338
4006a88c9a7664f7886fd14d9fa741c06180fa057c011128f1253a94a2c9db9f
4093cbc1c089e6ab55d0eeeed2b78fb2cba6afd2da1c114b39172ce1d120e5c9
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4597966fc733d7e0abec683e6e2923af3a3fb8c8f8fb177506bd660a72323919
49e39ed4360ed4bece57b623489ab783b898d28020b8b56038b0532a2fb7f72f
4b8552803df7e9f326b4f8974683207a0c3e0aafc0ecc553ae90c0afad471047
4b9109ddc6e4b2a7aeb24404d525e2f6844c6f7c1b7e2c66d9cd38319347136f
4c1d2506ec3b5bc439be069650a87e8e6a8fe8b6316401848d8947d1dd677464
4dcbc9b7bb7e967251e2b3b882c43aefef8c4035c8b3efeeb7ffcf11b19a8193
4dec780a764d9c9b83a29f658ded4b963ae0dceb14831d7034409ec8cfbe1d95
4ef1a0fbb01f6912b66888784ff146a3694ff223b4be05fcb130b17b3b52892a
4f64314254098f4a9b8eac290296d0bb197a7fc5b4be60cbc4d967cedab98810
511432b7f59ddb1922bef1f7aafe6f00a610f6ebba6c83fc3afdc0cc4fcbb082
562065974f2fd5cffcd6a98959c96f2c02399e08ad7f359969c594ca6d495009
56d42ca0dbbbe86b42e3bd7041cdba55e79c57c591f2c16f3e3625d5f07d28b8
56df41ce1cfb62b030165b2828a2bc1eb136f1fd9aebd04ac8511a198d0f438d
5840b48b66fcb724d736f4a684bc27eceb0e4e207beac3eadb88472db17531c4
585c3e3c2f68669e945dc64af193d66e50e4231ca95101102aaa6f799e346cce
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a0cedbf83d13921d6bd41901dfa3a955ad89e340f10d62a474c3ff9a93adc4d
5d280890891fba36693fa7ac1636f879f9810da9e31f214e84ed3e250e3a92a3
5d4ee4e58293d81c998a5bd7ad55dafa44de39870be4e9583f253bdcd30180a3
5f07554fd87b2de2d7f413aad15a903fb3fe8e0b6993b0cac1beef9ed05d7580
5f6a31b6b2e2f870cd18bc96f7ccba2aa1c5fb0857e244a3bfc43e19623a5057
60c81789160a149056677862339c14712f0a06a975f1bbc1f42de1876b29206c
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a
62d494420cbd904c7f88776f3dd55bd4feed0cd207e08a0ff7826fd49e1a6229
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0
694e20cbaf6c52ba66ae94d3cb4e1096fa6c4819c06cb526ff014665fa4683c6
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7182cd8a66b3ba221fd7dec7811cba2cdb0ba50c6775aa36912c51e9582db53d
733971e55c84210dd81bf2ef6a7632832db3daad072d46d9f715882e618ec9d2
768abf58286afb6f967aa08ebd570b6faa05e8f20a33161ead37ed05d2d7e644
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77e36c88f89b2aee80a90f2c098ca615eb8cb1a43ead39ffb6b26dd0f9425796
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
7dd7d4e6023fefbb4d394b4e96a571eec61d3b6b267b6c6a15036b2591fb2148
7e6e526aaa21616ee213cf3ba86a2ce6442cb6d1f8c3a9692d3488a7c8eb6845
80dbe9268be3e4a1ac6bdd36a845cc7dfbcfe49516f28a7fe134a32d4a18b3c3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839e41e4765795a957107eed20dc2f5525904c749f49b7591cd9236103405899
877c303313e35213c107f07893d715511af468ee56192ac7e0fd73aec12d2025
8e86ce75e0059ac667da367dfab728cac0824f6852759d1a7ce92d9079fc02a2
9b9aa3f6b5b2f67741d0990d8d0e664580b1880136bf17d51ff0fffcbd848f5d
9ea5ab1b1ff64b65d6102658de94bf609c1967490bfc8f13e0c0e717a96f51b8
a0e7461288110905a1706198ad817713461420b891009d4aec1d602c628a8f0e
a294f36c4dcefb9cba9431150d0fa3bb348dae0b4fb3bfc6b73f28c70340c640
a529925170ec2d7a933109eeec708a53f8991edb151e9dabc4c9d4eb52bccf50
a6417c3961be18a250c6f8b3223eaf89ec1632a567d2726f00873905158eac00
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
b07817f72534b4b260c4d9e6671ff6c19e3b24d394f998014c5b0d8f9a355fd3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2818b1c00b965e3c6f8c229a2023011c935e1acfbdc5652d96a7f5a725ff244
b5af5ed56878f12e37689cfa23d3fee03395ca8036e767afe18b19bb3828e42d
b982e0e67f6e14bd53cb3c66d237a3094de6632623d14b14b76fe52294a7a7fa
bcfbe0497a552e672023f80d54b2abc09e05b85dc711dbe93f62f9012a7566cd
c29fe3d46825c9a0534115a3aacaf75426f17a3284e30618316f37c01a0e06b6
c313a123eede62770b121c9cef56dc86d715861ef0c6c01a914c042e2bb392ae
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
c82c4ded353923fb2a0e119ee93adb5ca1c92c4adccb44fb60edad1452e06676
cecebf774f5680e22a363ad596d7007ae261160230af39741641febe7f18ee2c
cfc5858762c7e2a5ae5536cb13db17c659946d62425a76ef6c2634d6b2bf17f3
d087bd020e501815a8b1dc880fe92d2e25aa007f6f57d4d5bebe03698bd415db
d40e4127f4811d2e31e3b90856b9acaa7e7489447b1422984dac68c07f2b2782
d41e81523866d7cad31492154198f32902b92eae40e93fd9ee32ba93115c44b5
d7b3a20b827a0caaabe8375ffefc82c3367b771812328e7233f1e409486bede1
d88f7e694787eeab0d49ffc5798a0c3531f55e7c926409d0b1a4491944c9176f
de6f62c798f4ded375ac0963d17d281254a91029a44209f3b9c68d4d4ec514ed
de9d649324670157c61980b7d89247e1aa62a7acfc3b38bc51865bb9a89f5d0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
e5302a2236057e5dc69ac46f67896127200503f1fde8cf678c8f893be5cd7f1f
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
eec41b321d577d52a3c0465ebc07396b3cb7e7c21f05041f54eef0da74103396
eeda6dbb8cc33cafb8911a57e0d726ef1437e145ec20ff9faf8a2ee8677756ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef48c2e24927c424831e7e1ceefce97417db6928a3b099c72af8802a203da493
ef9e9be205620dfc68b1d8ba1b992db732e1a096b5e50b0cdf4ccf0f0024c101
efe716c0f3cbebe7a1a86a8ecda06ace0b450e901e88a4819b91c474aff596b4
fb13722704f1f56a8c4a525a88295a8f5ae0b1cff6dbf8a2b0c28eafaddeec37
feeabfc1fcb2de1f6ba5bfb6e51c0123950abd401b64345217e8d93539d705b7
ff29e6c2b83a4402b18de37dd76caad09dd47e8edc9b2781fb206e2359b3631f

www.twipu.com Open in urlscan Pro 157.230.205.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

98 %HTTPS

21 %IPv6

32 Domains

45 Subdomains

37 IPs

7 Countries

3980 kBTransfer

6423 kBSize

30 Cookies

9 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.twipu.com Open in urlscan Pro
157.230.205.23 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

98 %
HTTPS

21 %
IPv6

32
Domains

45
Subdomains

37
IPs

7
Countries

3980 kB
Transfer

6423 kB
Size

30
Cookies

178 HTTP transactions
4 data transactions