urlscan.io logo urlscan.io
SecurityTrails logo

twire.gg Open in urlscan Pro
18.66.112.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://twire.gg/
Effective URL: https://twire.gg/
Submission: On November 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 10 countries across 71 domains to perform 516 HTTP transactions. The main IP is 18.66.112.99, located in United States and belongs to AMAZON-02, US. The main domain is twire.gg.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 22nd 2023. Valid for: a year.
This is the only time twire.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 25 18.66.112.99 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 8 2606:4700:440... 13335 (CLOUDFLAR...)
1 18.66.97.10 16509 (AMAZON-02)
1 13.32.27.54 16509 (AMAZON-02)
3 18.66.122.113 16509 (AMAZON-02)
66 3.5.64.47 16509 (AMAZON-02)
8 18.66.122.109 16509 (AMAZON-02)
2 18.66.97.2 16509 (AMAZON-02)
3 2606:2800:133... 15133 (EDGECAST)
6 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
9 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
1 99.86.4.39 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
1 5.226.179.19 209242 (CLOUDFLAR...)
1 23.215.22.18 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 35.173.16.30 14618 (AMAZON-AES)
7 108.138.9.235 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.66.122 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
7 54.155.236.110 16509 (AMAZON-02)
7 35.186.253.211 15169 (GOOGLE)
19 34.149.20.76 15169 (GOOGLE)
7 2a02:2638:3::7 44788 (ASN-CRITE...)
4 20 104.18.36.155 13335 (CLOUDFLAR...)
8 147.75.84.158 54825 (PACKET)
7 34.120.63.153 396982 (GOOGLE-CL...)
7 216.52.2.39 30282 (AS-INAPCD...)
7 35.157.231.21 16509 (AMAZON-02)
4 16 185.89.210.244 29990 (ASN-APPNEX)
19 2602:803:c003... 26667 (RUBICONPR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 162.19.138.118 16276 (OVH)
1 35.190.39.111 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 8 2a02:2638:3::c 44788 (ASN-CRITE...)
1 52.19.8.73 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 18 142.250.186.130 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
3 142.250.181.230 15169 (GOOGLE)
12 138.201.84.252 24940 (HETZNER-AS)
1 4 94.130.102.164 24940 (HETZNER-AS)
1 5 88.99.165.19 24940 (HETZNER-AS)
1 5 144.76.91.199 24940 (HETZNER-AS)
1 162.19.138.82 16276 (OVH)
4 7 145.239.193.130 16276 (OVH)
4 88.198.250.30 24940 (HETZNER-AS)
3 2a0b:4d07:101::1 44239 (PROINITY ...)
3 13.42.237.35 16509 (AMAZON-02)
3 6 142.250.186.166 15169 (GOOGLE)
2 2 94.23.99.218 16276 (OVH)
3 104.102.45.165 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
3 18.66.147.120 16509 (AMAZON-02)
3 99.86.4.36 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
3 54.187.159.182 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
6 18.170.173.249 16509 (AMAZON-02)
2 52.10.73.64 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 3.69.152.80 16509 (AMAZON-02)
2 35.71.131.137 16509 (AMAZON-02)
1 52.57.96.192 16509 (AMAZON-02)
2 2 64.202.112.159 23352 (SERVERCEN...)
1 1 52.7.163.13 14618 (AMAZON-AES)
1 1 51.89.9.254 16276 (OVH)
1 13.248.245.213 16509 (AMAZON-02)
2 23.218.210.30 16625 (AKAMAI-AS)
2 172.64.149.180 13335 (CLOUDFLAR...)
1 67.202.105.22 32748 (STEADFAST)
1 151.101.193.108 54113 (FASTLY)
1 23.218.208.23 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 34.194.158.92 14618 (AMAZON-AES)
2 2 13.32.27.113 16509 (AMAZON-02)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 35.244.174.68 15169 (GOOGLE)
1 2 52.46.130.91 16509 (AMAZON-02)
1 72.251.245.181 32475 (SINGLEHOP...)
1 2 52.50.62.11 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 98.98.134.243 21859 (ZEN-ECN)
516 97
25    18.66.112.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-99.fra56.r.cloudfront.net
twire.gg
11    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    2606:4700:4400::ac40:919c (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
sender.cleverwebserver.com
lp.cleverwebserver.com
call.cleverwebserver.com
1    18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
static.hotjar.com
1    13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net
script.hotjar.com
3    18.66.122.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-113.fra60.r.cloudfront.net
js.stripe.com
66    3.5.64.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
twire-assets.s3.eu-west-1.amazonaws.com
8    18.66.122.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-109.fra60.r.cloudfront.net
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com
2    18.66.97.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-2.fra56.r.cloudfront.net
qu2qygng5zf4zbzt6j3wesx6fy.appsync-api.eu-west-1.amazonaws.com
3    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
adncdnend.azureedge.net
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
9    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2600:9000:2240:a800:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    5.226.179.19 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
members.bet365.de
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    35.173.16.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-16-30.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
7    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2600:9000:2250:6000:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
7    54.155.236.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
7    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
19    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
7    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
20    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
8    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
7    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
7    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
7    35.157.231.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-231-21.eu-central-1.compute.amazonaws.com
tlx.3lift.com
16    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
19    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
2    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
8    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    52.19.8.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
26    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
36    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
18    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
adnimation-d.openx.net
3    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
12    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal9000.redintelligence.net
4    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal900012.redintelligence.net
5    88.99.165.19 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal900028.redintelligence.net
5    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal900018.redintelligence.net
1    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
7    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
4    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
3    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
3    13.42.237.35 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-237-35.eu-west-2.compute.amazonaws.com
track.webgains.com
6    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
5994599.fls.doubleclick.net
2    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
3    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
5    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net
analytics.webgains.io
3    99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net
cdn.track.production.webgains.team
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    2600:9000:206f:5600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
6    18.170.173.249 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
api.webgains.io
2    52.10.73.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-73-64.us-west-2.compute.amazonaws.com
m.stripe.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    3.69.152.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-152-80.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    52.57.96.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    52.7.163.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-163-13.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    34.194.158.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-158-92.compute-1.amazonaws.com
i.liadm.com
2    13.32.27.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net
live.rezync.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    52.50.62.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-62-11.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
76 amazonaws.com
twire-assets.s3.eu-west-1.amazonaws.com
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com
qu2qygng5zf4zbzt6j3wesx6fy.appsync-api.eu-west-1.amazonaws.com
9 MB
64 googlesyndication.com
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
517 KB
45 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 154836
327 KB
26 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal900012.redintelligence.net — Cisco Umbrella Rank: 234700
hal900028.redintelligence.net — Cisco Umbrella Rank: 226762
hal900018.redintelligence.net — Cisco Umbrella Rank: 228550
167 KB
25 twire.gg
twire.gg
4 MB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
24 KB
21 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
ssc.33across.com — Cisco Umbrella Rank: 3592
ssc-cms.33across.com — Cisco Umbrella Rank: 923
7 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
13 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
30 KB
15 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
16 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
76 KB
11 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
adnimation-d.openx.net — Cisco Umbrella Rank: 63676
2 KB
11 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 105
2 KB
11 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
878 KB
10 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 9846
va.tawk.to — Cisco Umbrella Rank: 9510
141 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
105 KB
9 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 30616
api.webgains.io — Cisco Umbrella Rank: 91573
56 KB
9 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 44040
medialead.de — Cisco Umbrella Rank: 43761
6 KB
8 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
4 KB
8 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
19 KB
8 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
345 B
8 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
q.stripe.com — Cisco Umbrella Rank: 7148
m.stripe.com — Cisco Umbrella Rank: 1249
142 KB
8 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 25910
ui.cleverwebserver.com — Cisco Umbrella Rank: 26783
sender.cleverwebserver.com — Cisco Umbrella Rank: 67265
lp.cleverwebserver.com — Cisco Umbrella Rank: 46964
call.cleverwebserver.com — Cisco Umbrella Rank: 27405
82 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
3 KB
7 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
6 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
4 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
104 KB
4 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 74479
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
253 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
64 KB
3 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 107304
4 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
2 KB
3 webgains.com
track.webgains.com — Cisco Umbrella Rank: 62639
5 KB
3 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 217997
3 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
74 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
247 B
3 azureedge.net
adncdnend.azureedge.net — Cisco Umbrella Rank: 50367
167 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
297 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1354
16 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
12 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 3530
128 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
515 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 901
60 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
187 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
424 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
98 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
1 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
388 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
146 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
104 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
268 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4524
431 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
1 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
17 KB
1 bet365.de
members.bet365.de — Cisco Umbrella Rank: 524934
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 21126
3 KB
0 udmserve.net Failed
udmserve.net Failed
516 71
Domain Requested by
66 twire-assets.s3.eu-west-1.amazonaws.com twire.gg
33 pagead2.googlesyndication.com 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
twire.gg
securepubads.g.doubleclick.net
www.googletagservices.com
26 tpc.googlesyndication.com twire.gg
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
25 twire.gg 2 redirects twire.gg
19 fastlane.rubiconproject.com adncdnend.azureedge.net
19 ssc.33across.com adncdnend.azureedge.net
18 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
16 ib.adnxs.com 4 redirects adncdnend.azureedge.net
googleads.g.doubleclick.net
acdn.adnxs.com
12 hal9000.redintelligence.net 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
hal900028.redintelligence.net
hal900012.redintelligence.net
hal900018.redintelligence.net
11 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 www.googletagmanager.com twire.gg
www.googletagmanager.com
adncdnend.azureedge.net
adv.office-partner.de
9 securepubads.g.doubleclick.net adncdnend.azureedge.net
securepubads.g.doubleclick.net
twire.gg
8 prebid.a-mo.net adncdnend.azureedge.net
8 tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com twire.gg
8 embed.tawk.to twire.gg
embed.tawk.to
7 pv.medialead.de 4 redirects 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
hal900018.redintelligence.net
7 googleads.g.doubleclick.net 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
twire.gg
pagead2.googlesyndication.com
7 tlx.3lift.com adncdnend.azureedge.net
7 ap.lijit.com adncdnend.azureedge.net
7 prebid.media.net adncdnend.azureedge.net
7 htlb.casalemedia.com adncdnend.azureedge.net
7 bidder.criteo.com adncdnend.azureedge.net
7 rtb.openx.net adncdnend.azureedge.net
7 hb-api.omnitagjs.com adncdnend.azureedge.net
7 aax.amazon-adsystem.com c.amazon-adsystem.com
6 api.webgains.io analytics.webgains.io
6 fonts.gstatic.com fonts.googleapis.com
6 5994599.fls.doubleclick.net 3 redirects twire.gg
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
6 gum.criteo.com 2 redirects static.criteo.net
adncdnend.azureedge.net
6 region1.analytics.google.com www.googletagmanager.com
5 fonts.googleapis.com hal900028.redintelligence.net
hal900012.redintelligence.net
hal900018.redintelligence.net
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
twire.gg
5 hal900018.redintelligence.net 1 redirects 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
hal900018.redintelligence.net
5 hal900028.redintelligence.net 1 redirects 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
hal900028.redintelligence.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 pb.media01.eu hal900028.redintelligence.net
hal900018.redintelligence.net
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
hal900012.redintelligence.net
4 hal900012.redintelligence.net 1 redirects 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
hal900012.redintelligence.net
4 www.googletagservices.com 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
twire.gg
4 lp.cleverwebserver.com twire.gg
lp.cleverwebserver.com
3 www.gstatic.com twire.gg
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
3 q.stripe.com twire.gg
3 cdn.track.production.webgains.team 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
track.webgains.com
3 analytics.webgains.io track.webgains.com
3 adservice.google.com 5994599.fls.doubleclick.net
3 www.awin1.com 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
hal900018.redintelligence.net
3 track.webgains.com twire.gg
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
3 adv.office-partner.de hal900028.redintelligence.net
hal900018.redintelligence.net
hal900012.redintelligence.net
3 ad.doubleclick.net 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
3 static.criteo.net securepubads.g.doubleclick.net
adncdnend.azureedge.net
static.criteo.net
3 c.amazon-adsystem.com adncdnend.azureedge.net
c.amazon-adsystem.com
3 www.facebook.com twire.gg
3 adncdnend.azureedge.net twire.gg
adncdnend.azureedge.net
3 js.stripe.com twire.gg
js.stripe.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 eus.rubiconproject.com adncdnend.azureedge.net
eus.rubiconproject.com
2 b1sync.zemanta.com 2 redirects
2 match.adsrvr.org 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 m.stripe.com m.stripe.network
2 m.stripe.network js.stripe.com
m.stripe.network
2 va.tawk.to embed.tawk.to
2 medialead.de 2 redirects
2 www.google.com 1 redirects tpc.googlesyndication.com
2 mug.criteo.com twire.gg
2 oajs.openx.net 1 redirects twire.gg
2 id5-sync.com cdn.id5-sync.com
2 id.hadron.ad.gt cdn.hadronid.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.id5-sync.com twire.gg
securepubads.g.doubleclick.net
2 www.google.de twire.gg
2 stats.g.doubleclick.net www.googletagmanager.com
2 qu2qygng5zf4zbzt6j3wesx6fy.appsync-api.eu-west-1.amazonaws.com twire.gg
2 connect.facebook.net twire.gg
connect.facebook.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 contextual.media.net adncdnend.azureedge.net
1 acdn.adnxs.com adncdnend.azureedge.net
1 ssc-cms.33across.com adncdnend.azureedge.net
1 adnimation-d.openx.net adncdnend.azureedge.net
1 js-sec.indexww.com adncdnend.azureedge.net
1 eb2.3lift.com adncdnend.azureedge.net
1 onetag-sys.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 x.bidswitch.net 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
1 dclk-match.dotomi.com 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 a.ad.gt cdn.hadronid.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.hadronid.net twire.gg
1 secure.cdn.fastclick.net twire.gg
1 members.bet365.de lp.cleverwebserver.com
1 wrappers.geoedge.be adncdnend.azureedge.net
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 call.cleverwebserver.com twire.gg
1 sender.cleverwebserver.com 1 redirects
1 ui.cleverwebserver.com twire.gg
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com twire.gg
1 scripts.cleverwebserver.com twire.gg
0 udmserve.net Failed adncdnend.azureedge.net
516 117
Subject Issuer Validity Valid
twire.gg
Amazon RSA 2048 M01		 2023-07-22 -
2024-08-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-28 -
2024-04-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-23 -
2023-11-21		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-12		 a year crt.sh
*.appsync-api.eu-west-1.amazonaws.com
Amazon RSA 2048 M03		 2023-11-07 -
2024-12-05		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
bet365.de
GTS CA 1P5		 2023-10-18 -
2024-01-15		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-11-08 -
2024-02-06		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.media01.eu
RapidSSL TLS RSA CA G1		 2023-05-16 -
2024-05-15		 a year crt.sh
adv.office-partner.de
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
pv.medialead.de
R3		 2023-10-12 -
2024-01-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 46 frames:

Primary Page: https://twire.gg/
Frame ID: 3471F7A47471D17BCA6ECB68DDFAA679
Requests: 291 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
Frame ID: 5B1AF8C864C00B247B797A25E7011020
Requests: 4 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_02157900
Frame ID: 931DDD2E26F6BE31C899E33FD1547A95
Requests: 1 HTTP requests in this frame

Frame: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA7F5B5D798E0142CE8549D0C9290365
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=twire.gg
Frame ID: 8FF1A1777DA32672D7A1F193445CF175
Requests: 2 HTTP requests in this frame

Frame: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7CDB63C22E8A4AC7E84CD6D08AC75E1F
Requests: 24 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: FCDE02585F18B1230619A2D4A2D494AE
Requests: 15 HTTP requests in this frame

Frame: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F49A837FFB0FD3305F4B059A99BEB00
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNVCVoLYWO832TARnWaYjaAzV8PDGuMcBLa9CTo6xykf54MDU0uCLWb_QZZ91ZVUCLIMJ61q0vGQ3ulbmMfEAe7wKcbtpSk63NT-DTd8-7Y5owZGhHbYvVIDeRackXz3M-oBgAG048JSVDmlUPSPRAKVJRksk_ryJHmUS8Dyn4crBETsSMzQU3G2PTbMYACH4uCkterXzO3ysFDhUbRtCJMv-dtjVA
Frame ID: 4BFD0AFD6E5A3E23FA3754845A707DC5
Requests: 5 HTTP requests in this frame

Frame: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA1CCCEB8A847C3D4A7F45706E894B9B
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNXDvBweobNgOE4SyWJCQInGcU8qldbk66xG5gjxpGHX97LcKP9SDkZZTl3OGoHAS0vpkfvuHl_MEg3idGsHWLuZbtnWCdJFJvDQK_BdT9GYPiFewZTRF_651XJj9Rez6xW7QF_hPjaA7rb9Ve2WWSxqd1yhJnxO_zK__LIVRuOAPvrrjGwkWDzxSlAQj3zD48C2GHderMgOfA9NmYftKS51MUxrvQ
Frame ID: A225E54F9305F86A6D030BC628476AA5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNX0vvsf-01Vt4zfqIWDMTlFHiBn2E3eY6wfXWqT8j5R6YSZrEAiYCRnsFvy0GYkv1EM01O65Wmv5_YruqHlrAiljBJwecD1S2lHMnnfuEMDNjwvZShkGPCbDB-t8yu1hzDnds67HD5CbmLUc8pMUtNO0RZ2hvNx9zngw2NQ3wbQwZa26Crh-pCyqKqQT6VtzrMfLYZAJirSLlae-Xqa7AnMmxvNBg
Frame ID: ABC09DB111C4194941708D4CBC682E35
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 2A9F673D97F505E751C894C48945D411
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ED891F724610AAFD257DE2C5DCACB642
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D1AC35175A2B42B28A3F3E028E81B491
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B1B6F910920B45B7D42A59010DF83C63
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28026600061237504445002012508028&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 7977EC5612B730D36DF2186423F36B23
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 662CD2852AE8758B9658B528D6152266
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_b-Metw4IDFaHJOwId_v8PPw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969
Frame ID: E4B521DFA5DEE96CBE0515C3CC08A3FE
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
Frame ID: 8C992B64845056CEC25F6A7A043827BC
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48734300048605804445002012508018&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: B6B8AFF2562CCEF13ADF4C18C7DD4BC1
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: DA16C9EE1A5A17DC37CE5B8B7488D968
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=66239100049493304445002012508012&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 1D0CFCA892BFFDE80445A7438F907DB6
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 19262B87191C04394438EB2C8B3BEA11
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJHY-Metw4IDFdTMmgodQLYF2w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912
Frame ID: B1D72C8739245A046B4B08E354A8F15C
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=66239100049493304445002012508012&a=257aed79
Frame ID: 5A9C165A45033C25EE6F31A0E8EBEDAE
Requests: 8 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COTUjsitw4IDFSfMOwIdVgcKWQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91
Frame ID: C14058CAD7433707EBC6DFA2E7DBE62B
Requests: 2 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
Frame ID: 06C88224F93E639675947C52FB741A82
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 36B8E8D6030AAE84BA4A14A2DE3561F9
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=twire.gg
Frame ID: 46049F3293644D54A919D6D9A347E727
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DEEF0416AE8A6192831CC2DF6F8EB348
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BFD18C012179A5E8CA5B47F81B48DA40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA8DEEA71B1227E703323DCECBA1F8E6
Requests: 2 HTTP requests in this frame

Frame: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7269D2687D64297F17B606B85825DEFC
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 956C2392D03B5E6B724B03EB19166F7D
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA89AF85DBEE26421FD9FF85883E18CF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 55BE1A7FE1B52F4E0046AA39083C91DE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 72098EBB604D167B13B310B77B14673E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7CAB31C1014BE170E168812DE6B7DFBD
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7588B251D1F9A0112F1BC37431FE9967
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: B2C434D4CD1D2B48112B72D034827212
Requests: 1 HTTP requests in this frame

Frame: https://adnimation-d.openx.net/w/1.0/pd
Frame ID: 404860607414A85D970D45182D64EDCF
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aEU7WKPLar7yomrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: E5157592046EB58818046B9F2F40A6FF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 461767D6F611631754E7F0176308C610
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUAID4GW&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C404%2C9%2C2012%2C2055%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: BFC56133E70AB9260D0F85BC70A7BDE7
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CE244DB6C2B65C9A8EF9396E99FF3F41
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

All about PUBG Esports | Twire

Page URL History Show full URLs

  1. http://twire.gg/ HTTP 301
    https://twire.gg/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

516
Requests

92 %
HTTPS

32 %
IPv6

71
Domains

117
Subdomains

97
IPs

10
Countries

16885 kB
Transfer

23335 kB
Size

66
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://twire.gg/ HTTP 301
    https://twire.gg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://sender.cleverwebserver.com/group/69340?id=771567&ref=aHR0cHM6Ly90d2lyZS5nZy8%3D&ruri=&r=506752552&tok=33419711310201791433&t=1699960283&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%3D&res=1600x1200&iv=-1&ctr=DE&sz=1200&landing=1&hei=250&ts=0.459 HTTP 301
  • https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
Request Chain 67
  • https://twire.gg/en/tg1.aniview.com/api/adserver/spt?AV_TAGID=63ee40ba55a95e7e590cc1e6&AV_PUBLISHERID=601d9a7f2e688a79e17c1265 HTTP 301
  • https://twire.gg/
Request Chain 230
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&rid=esp&cc=1
Request Chain 246
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=twire.gg&sn=ChromeSyncframe&so=0&topUrl=twire.gg&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=9GgwAnxreXBudUhwVnBSS3hSRGVlMU55enQ5WVQ3REV3UzYvTFhaQkN5RER6WmJCNDlubzczTUxUWUlYTEdHVGpPcUc0OFk5UUc4ZWYxaW1IODNZRUc3clR0bEd2ZEduRHlRWSttMUpYbGNEOEpPYlIvL25ZT09idTgxRUNkb1Vid2dPcTdpNjRsZDBVSVZaQzllaGxRU0lPbTVsZi9DbVNmSGpvTUtNZTQyZkJ3ZnBzTXJkTVRyNjFOK2Z4Z3I5REdZMmlMVlI5Q0VpZlkvdkRIUDE4YW5Yd2FkWHVJRjdOcHBCM21ab0JNRjFKMlNGaHNVczdiWnJZWk4wcmJMZXl2VkNRQ1BLYm9QWUJGSTU4UDVBKzRvNjJxZz09fA&cppv=2
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Request Chain 271
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVNV3Q3t9Eex1CBZrRTnsgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
Request Chain 273
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
Request Chain 274
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Request Chain 279
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVNV3Q3t9Eex1CBZrRTnsgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
Request Chain 281
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Request Chain 286
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVNV3Q3t9Eex1CBZrRTnsgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
Request Chain 288
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
Request Chain 328
  • https://hal900012.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d5994fa0e5&subid=&uid=ccad0bfc9a07019b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyMu53FVTZYjYNs3TgAfW6qyoD6blvaBpnZecp8kP8C4QASDln-4sYJWKiY6wB8gBCakCqyTXQ4zxsT6oAwHIA5sEqgSSAk_QID2fKw7t-zy5mTzT3o3kz6e4ZPjwo4veZYjWvl7K-cL4Yut5nxZCVCBs5gLSbTiAHIAUIfDPnPwB0PhdBIPAnTmCohNY_-khp9l9Cip_JCni4blk3cqO_2dlFUbuKE8pFzkV-6NaQlUrWdwqFCPZJkeNzbONbx5NarNM05G5hoMQ9qgm2sh8rHKgo4fXA99CGfEOo-aW_fTsZBYxBqP-XjiPlhW17GzDuVL5Sr7f6hjb3SuCupEZc3Aa0fzN9RoG7pGqbNRxbmxd52oJ-89Gxwn1IkgebYHOBlfU5ocH7MxwYPsY__Wlc5rtXVvp2B9zn1gPkrhCntMqAswjw4XVuWQ8Mru4fcdAH3CCWjp6lFTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjq_KXHrcOCAxXNKeAKHVY1C_WwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB%26sig%3DAOD64_3bVWjJWL5iGyXbEds_5rcbfqEtwA%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DU0JzzV6e-88SRLt5uI9Zt9GymUR0nOuS1b7p7TJ_oHC3wpKjnrA_lliKuqHQcIMmcCpwdHGj6AgOtMhVZTJMuCcyghZYNBkmhjflxGLHqh1sTizsorSfdS2vtOjdWFOvX2Quk7JxclAokz50-ICjMaHirHs7E18oruW-cG2aPDDjNZ2U%26cry%3D1%26dbm_d%3DAKAmf-DjbGthtoIVxQ6_x69oKpzzx4g5EO0fhGfEwqwfvO7e5lKdYBlyefgLZ6QZ7owqBzLdtLB2wjZZYubEb1aw2SVrqTcagi9GtpvvvoV12hJBBYRuP0sHGwy2vfGzM9hU8N5EfUS8UYOd6-dLPHI88u1Ypgz6xo84zCmPZG0xRfhqlo1yVeUTeRy0Qs4TsJaKTyyEhuN1IK6Xfl83BJG_9o-1gbeF7oNzwJ2W9YIrQ-fRixV8XdQDAPBZwVgjwTdV-EAzk2_8zsQWH2eFG_gtoHhHBqI5bOjN885cPg7t8M6Re47EyOMkwDtSGE2L0jmL9rIAzIK3qaL5-DY2yg7q5FuAZXk_X5GkmfbGtlHgtX88XyCKID-GHzycIzAv73uZFa75Q8K9a6BqkP9aXgxZFCSZf7S7jFyI4DsouqGVEI4gxH9J885wUxxLEz9pP8aFjVnV5Z6D4ee34lSyNy-xdDKWsBSWSFkgvp57aLzNlpC2EWJN4392sIYxT0q0X2SYZqFNDeqfkU6reRoJNsSvp14WcJcwDq3_1c3EYhb8azZlP7hspcw%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=1596918170643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900012.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d5994fa0e5&subid=&uid=ccad0bfc9a07019b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyMu53FVTZYjYNs3TgAfW6qyoD6blvaBpnZecp8kP8C4QASDln-4sYJWKiY6wB8gBCakCqyTXQ4zxsT6oAwHIA5sEqgSSAk_QID2fKw7t-zy5mTzT3o3kz6e4ZPjwo4veZYjWvl7K-cL4Yut5nxZCVCBs5gLSbTiAHIAUIfDPnPwB0PhdBIPAnTmCohNY_-khp9l9Cip_JCni4blk3cqO_2dlFUbuKE8pFzkV-6NaQlUrWdwqFCPZJkeNzbONbx5NarNM05G5hoMQ9qgm2sh8rHKgo4fXA99CGfEOo-aW_fTsZBYxBqP-XjiPlhW17GzDuVL5Sr7f6hjb3SuCupEZc3Aa0fzN9RoG7pGqbNRxbmxd52oJ-89Gxwn1IkgebYHOBlfU5ocH7MxwYPsY__Wlc5rtXVvp2B9zn1gPkrhCntMqAswjw4XVuWQ8Mru4fcdAH3CCWjp6lFTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjq_KXHrcOCAxXNKeAKHVY1C_WwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB%26sig%3DAOD64_3bVWjJWL5iGyXbEds_5rcbfqEtwA%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DU0JzzV6e-88SRLt5uI9Zt9GymUR0nOuS1b7p7TJ_oHC3wpKjnrA_lliKuqHQcIMmcCpwdHGj6AgOtMhVZTJMuCcyghZYNBkmhjflxGLHqh1sTizsorSfdS2vtOjdWFOvX2Quk7JxclAokz50-ICjMaHirHs7E18oruW-cG2aPDDjNZ2U%26cry%3D1%26dbm_d%3DAKAmf-DjbGthtoIVxQ6_x69oKpzzx4g5EO0fhGfEwqwfvO7e5lKdYBlyefgLZ6QZ7owqBzLdtLB2wjZZYubEb1aw2SVrqTcagi9GtpvvvoV12hJBBYRuP0sHGwy2vfGzM9hU8N5EfUS8UYOd6-dLPHI88u1Ypgz6xo84zCmPZG0xRfhqlo1yVeUTeRy0Qs4TsJaKTyyEhuN1IK6Xfl83BJG_9o-1gbeF7oNzwJ2W9YIrQ-fRixV8XdQDAPBZwVgjwTdV-EAzk2_8zsQWH2eFG_gtoHhHBqI5bOjN885cPg7t8M6Re47EyOMkwDtSGE2L0jmL9rIAzIK3qaL5-DY2yg7q5FuAZXk_X5GkmfbGtlHgtX88XyCKID-GHzycIzAv73uZFa75Q8K9a6BqkP9aXgxZFCSZf7S7jFyI4DsouqGVEI4gxH9J885wUxxLEz9pP8aFjVnV5Z6D4ee34lSyNy-xdDKWsBSWSFkgvp57aLzNlpC2EWJN4392sIYxT0q0X2SYZqFNDeqfkU6reRoJNsSvp14WcJcwDq3_1c3EYhb8azZlP7hspcw%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=1596918170643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 329
  • https://hal900028.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d510c1527b&subid=&uid=fc38f143b1162c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpRGl3FVTZZHsN_iU1PIP6IaB6AKm5b2gaZ2XnKfJD_AuEAEg5Z_uLGCViomOsAfIAQmpAnPLXgwK8rE-qAMByAObBKoEkwJP0MirW5SLarVim6tYcIltyxbCEJzjrrW83iH1gxjBaOBwvKzX7116a6e33ogPjLGZZeZ-wfj9BQ4-9YyDlm8K-F9_PqHvMd52qdkxtejCYV_plqBDagjYb2rYK2AHUBcX91s-Oj9A0uVX_4Mnh6C3gx7bw-_QLLAWwrR95JEg3Xmxyul0KiGYDYcFeulqvaZAWuWNLR1kBmecUKWIaFjXOeuiFO1xiEG9_NaUPmzCNXp7AzQXsTqudK4xPdMioN6ZdYqHt11AF7KpSHn-tKfMDk1LTj_Kg4JeIlOlZQpAR4-UI3aWS8z-bKD-i9UKtUEUq2QFIR3yfxJuH8NyMA28ELI6U_mZ8JAbW8nzlauHkBB2x8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlikrqbHrcOCA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJEReINEwjghKfHrcOCAxV4ClUIHWhDAC2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB%26sig%3DAOD64_1KE8npkfvS_Tdwd9NwD3phsqnGLQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-AKfF5dqx2bEVRVPVu2tRnQEGpJaQkbwOKf5k2_GB4vN4r-7PklsvdKqIr0gV3Y8H4WXQYhUf3T3DiYPoxydvA8jnjvTWM7XtiowG3V7STII8yx-Q7SewKKTM6WRa6MZiHplqTrPqV22SkgoR8XdE14bUlDCkB9PUgQwik3V2R1WhGLAio%26cry%3D1%26dbm_d%3DAKAmf-CrUNH-2zug5ethKVL2JZuSMEJ2WBp2ZhaFpcKFLPjv1q0yJY1LlRaJdzVizPwbp1f4iAkRdj-HLB5ZD9cGe0vCr7jsfaOJOLIxJmykYf-aqWBKsXmvl-0bi7Gj0gtESW9Qa570EK7qI34AQW6dt-9B9wj7fmrkQp7_9jidVjL0t62akLDeYYMzNYHhWlOY02gS2kG6tQocCKTFREkxTj2xOEZHgNgpG88eh1ChRxGboFEz1sxVOm0RiMfbaOKrOKUpJ7bZ2uOBhB4Q6ojPg2kNtv2IkMXNiqPHwHjkprBWyYYdiSKER8KqDwmNvCVCJCoaJqtLTgLTbceZBbLPwtFoRW7iQb1kc4LvJAReWzSHBCq8ZgZjZB_4yUcDRc-_nUxDkzoJMuEa_msmWNTZIs3isFy6ueHqjnSYJyykBb6NSwqkZnuASmXb9ym_EmEUwS1xi963W4rxNTDA5XjJ_ms150c5dtPRlNbSadY1g-DP9XTdbLLipbbAdCeZx5SzHvRao1TFZTyWoWqzEJ8lv2FN10OmE9E7V7W8NL8rpK-G-n3SJis%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=2925892071895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900028.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d510c1527b&subid=&uid=fc38f143b1162c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpRGl3FVTZZHsN_iU1PIP6IaB6AKm5b2gaZ2XnKfJD_AuEAEg5Z_uLGCViomOsAfIAQmpAnPLXgwK8rE-qAMByAObBKoEkwJP0MirW5SLarVim6tYcIltyxbCEJzjrrW83iH1gxjBaOBwvKzX7116a6e33ogPjLGZZeZ-wfj9BQ4-9YyDlm8K-F9_PqHvMd52qdkxtejCYV_plqBDagjYb2rYK2AHUBcX91s-Oj9A0uVX_4Mnh6C3gx7bw-_QLLAWwrR95JEg3Xmxyul0KiGYDYcFeulqvaZAWuWNLR1kBmecUKWIaFjXOeuiFO1xiEG9_NaUPmzCNXp7AzQXsTqudK4xPdMioN6ZdYqHt11AF7KpSHn-tKfMDk1LTj_Kg4JeIlOlZQpAR4-UI3aWS8z-bKD-i9UKtUEUq2QFIR3yfxJuH8NyMA28ELI6U_mZ8JAbW8nzlauHkBB2x8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlikrqbHrcOCA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJEReINEwjghKfHrcOCAxV4ClUIHWhDAC2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB%26sig%3DAOD64_1KE8npkfvS_Tdwd9NwD3phsqnGLQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-AKfF5dqx2bEVRVPVu2tRnQEGpJaQkbwOKf5k2_GB4vN4r-7PklsvdKqIr0gV3Y8H4WXQYhUf3T3DiYPoxydvA8jnjvTWM7XtiowG3V7STII8yx-Q7SewKKTM6WRa6MZiHplqTrPqV22SkgoR8XdE14bUlDCkB9PUgQwik3V2R1WhGLAio%26cry%3D1%26dbm_d%3DAKAmf-CrUNH-2zug5ethKVL2JZuSMEJ2WBp2ZhaFpcKFLPjv1q0yJY1LlRaJdzVizPwbp1f4iAkRdj-HLB5ZD9cGe0vCr7jsfaOJOLIxJmykYf-aqWBKsXmvl-0bi7Gj0gtESW9Qa570EK7qI34AQW6dt-9B9wj7fmrkQp7_9jidVjL0t62akLDeYYMzNYHhWlOY02gS2kG6tQocCKTFREkxTj2xOEZHgNgpG88eh1ChRxGboFEz1sxVOm0RiMfbaOKrOKUpJ7bZ2uOBhB4Q6ojPg2kNtv2IkMXNiqPHwHjkprBWyYYdiSKER8KqDwmNvCVCJCoaJqtLTgLTbceZBbLPwtFoRW7iQb1kc4LvJAReWzSHBCq8ZgZjZB_4yUcDRc-_nUxDkzoJMuEa_msmWNTZIs3isFy6ueHqjnSYJyykBb6NSwqkZnuASmXb9ym_EmEUwS1xi963W4rxNTDA5XjJ_ms150c5dtPRlNbSadY1g-DP9XTdbLLipbbAdCeZx5SzHvRao1TFZTyWoWqzEJ8lv2FN10OmE9E7V7W8NL8rpK-G-n3SJis%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=2925892071895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 330
  • https://hal900018.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLf733FVTZYzdNY7XgAepuIZopuW9oGmdl5ynyQ_wLhABIOWf7ixglYqJjrAHyAEJqQJzy14MCvKxPqgDAcgDmwSqBJMCT9D9NWVYaJS-x6lxfSZMMaIrgzDgB3p0tgC5a80aLpKlha8XpbaAVR1zsAQtovZngr6uCmeCaxWySj3Z_bDAAi45k66GmLZ4KKizgwi99S8HN0XCilnopENruhGN9U-Q4xB3NACl9VuS0RiYtEKyC5aP5gRcQOQGDzchjJ8IB1L8jqvRRE7JGzMQsxMzAWcXO-K3zHwzNEGhcjMf0mEIX77VDHxtolEkqc3iAPwm8fPsLIwG6JhgpdfPj-yh2tCofv_VoEd6WMasC5JISYFE6Upflm423W5m0J8TmVZL0BGjMThl-saaJbeP4InQIVTbf3N9Mg3w8zkd-MuqQYlBPsQK81y91l_DIB3hZp2JfNvtpfrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIi6ilx63DggMVjivgCh0pnAENsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB%26sig%3DAOD64_3ms2PEbB1JIjtfV1zZB3HT11unqg%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-Boyc4ssyouytgNw2_jP9mzRV8dqDf1dFLTK7_S4Hs0Sg5tgexfCtv8F14YSx6TpEd2Xxi7DL1R9-jzCXWz4s7974NvaD3-siontYBNA7iILr4H5SLAAMLg93dW5Yw6axAK77ZpxP7n4U6S8-2dq3juJYtyMMgtTzbHglL9wuLda-pOIZ4%26cry%3D1%26dbm_d%3DAKAmf-DuHXVx2cRuRRX-urWcHEIfrL072f05il0sNIoR8XBIZ4Zq8ltczojhHrU3yK1YIUkqxzEObpnZ28If-r2q6qqBWioBhHruD50g1U-oRjSZ6KIK3hK_ZV82u3CR4jcnFrZjw-3ZKqBFhgWrCHhac4BQLGlrqYT2VTbMt8bESuov-jdq6FVUVi_VLiEPB8bqZX6uTm3cuI_qS1mk2asFdpxno3_GBKlB3MBdBPa6XeIuNraJ7EzFL1YggGZ_RG4vF7YG90o5QuNXGxu-dXYu5sg_-wQGUHqzs8-veKaiCoktCQ-cdGu-l8FW7CBtmJ9bSlTIOKgdGac90U_y4T3l35nBbELlAJcQqWb7HdmAvOVG7uojcKY8CAqrC0HY1KXmBwN5uG2xGOW6h7TZPxbS78BUx6qwlpB_7YsoNQF1Bo1FZMZXWw7omv5jqxdPoRaJbDYCn6fg3geSUHR17shlNuowGf-cUck5DEyyOkTBNTUc3XcPLFmH__JA7Pg1vXvsbTf_zHUa1hCBtkSf-q1kyjC_z3qILzFAMOKocqGa34b_1AbgPgk%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=4466324791177&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900018.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLf733FVTZYzdNY7XgAepuIZopuW9oGmdl5ynyQ_wLhABIOWf7ixglYqJjrAHyAEJqQJzy14MCvKxPqgDAcgDmwSqBJMCT9D9NWVYaJS-x6lxfSZMMaIrgzDgB3p0tgC5a80aLpKlha8XpbaAVR1zsAQtovZngr6uCmeCaxWySj3Z_bDAAi45k66GmLZ4KKizgwi99S8HN0XCilnopENruhGN9U-Q4xB3NACl9VuS0RiYtEKyC5aP5gRcQOQGDzchjJ8IB1L8jqvRRE7JGzMQsxMzAWcXO-K3zHwzNEGhcjMf0mEIX77VDHxtolEkqc3iAPwm8fPsLIwG6JhgpdfPj-yh2tCofv_VoEd6WMasC5JISYFE6Upflm423W5m0J8TmVZL0BGjMThl-saaJbeP4InQIVTbf3N9Mg3w8zkd-MuqQYlBPsQK81y91l_DIB3hZp2JfNvtpfrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIi6ilx63DggMVjivgCh0pnAENsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB%26sig%3DAOD64_3ms2PEbB1JIjtfV1zZB3HT11unqg%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-Boyc4ssyouytgNw2_jP9mzRV8dqDf1dFLTK7_S4Hs0Sg5tgexfCtv8F14YSx6TpEd2Xxi7DL1R9-jzCXWz4s7974NvaD3-siontYBNA7iILr4H5SLAAMLg93dW5Yw6axAK77ZpxP7n4U6S8-2dq3juJYtyMMgtTzbHglL9wuLda-pOIZ4%26cry%3D1%26dbm_d%3DAKAmf-DuHXVx2cRuRRX-urWcHEIfrL072f05il0sNIoR8XBIZ4Zq8ltczojhHrU3yK1YIUkqxzEObpnZ28If-r2q6qqBWioBhHruD50g1U-oRjSZ6KIK3hK_ZV82u3CR4jcnFrZjw-3ZKqBFhgWrCHhac4BQLGlrqYT2VTbMt8bESuov-jdq6FVUVi_VLiEPB8bqZX6uTm3cuI_qS1mk2asFdpxno3_GBKlB3MBdBPa6XeIuNraJ7EzFL1YggGZ_RG4vF7YG90o5QuNXGxu-dXYu5sg_-wQGUHqzs8-veKaiCoktCQ-cdGu-l8FW7CBtmJ9bSlTIOKgdGac90U_y4T3l35nBbELlAJcQqWb7HdmAvOVG7uojcKY8CAqrC0HY1KXmBwN5uG2xGOW6h7TZPxbS78BUx6qwlpB_7YsoNQF1Bo1FZMZXWw7omv5jqxdPoRaJbDYCn6fg3geSUHR17shlNuowGf-cUck5DEyyOkTBNTUc3XcPLFmH__JA7Pg1vXvsbTf_zHUa1hCBtkSf-q1kyjC_z3qILzFAMOKocqGa34b_1AbgPgk%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=4466324791177&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 352
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=28026600061237504445002012508028&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28026600061237504445002012508028&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 355
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_b-Metw4IDFaHJOwId_v8PPw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969
Request Chain 357
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28026600061237504445002012508028&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28026600061237504445002012508028&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 359
  • https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=48734300048605804445002012508018&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48734300048605804445002012508018&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 361
  • https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=48734300048605804445002012508018&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48734300048605804445002012508018&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 364
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=66239100049493304445002012508012&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=66239100049493304445002012508012&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 367
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJHY-Metw4IDFdTMmgodQLYF2w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912
Request Chain 369
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66239100049493304445002012508012&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66239100049493304445002012508012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 409
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COTUjsitw4IDFSfMOwIdVgcKWQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91
Request Chain 445
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=twire.gg&sn=ChromeSyncframe&so=3&topUrl=twire.gg&bundle=FR9OWF9ZWXlrY3ZUQmp6U0VzVXg0UTNYMVFlazhNb20wdFRhcmJrQU5wJTJCQXJGQVg1RERCNnNVa2dyZzNuVlIlMkJOWlBCZEZPU3BxbnVsdXdya0FjeW01ZmVWUmQlMkZuWlBZWExGYVdkZGZGWSUyRkxSRmklMkZzYXJzWTF6VVliWWZGTW82eHglMkZuMXZtR0h6bGdEMnM2dWNCS1RKMjQyeHclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=2ylC_XxUV09vUGE1VGFIK0gxMDEydmsrL01QTmttT3lDTXNEa1NpSm9LWW5qcmR0SmZqSzgzUmdqZ0hjME03U3lOMm1RTFRRNFV2U29NMGdnL0hjTFc1RncrOVArbFZ0Rkg5cVdtYWdXbUVVR3UzQzFsQmFZMkFiaUpIWEk1SWpIek95eEpNbHpMYmNMZEJISUw0Q3RFREhVaEdpbjduUHNVSmRhV2x0OE4rU0JhZDdiYmkzeCsybzJsTEVzMFJjRXJzQTdDMC91VmxVUk5SdlpNZDJibG9yM2lYTU5EYW5Ncy85My9LTG91MlNYenRBcVlic1ZMVnR5R3hSaHpWVFRRbWcvV1ozNmo4K0ZsSzZ5ck15dEdSa2JPUT09fA&cppv=2
Request Chain 485
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBM-OG6sUSLvEAYqu76Um2A&google_cver=1&google_push=AXcoOmQqU-GwdpiF60zjdeBWGltdkLLU8i02lOCZnJKnyOAjgT-dFZTBk9BatkX6MbDLf9wavhoBbOUkDi52P1WAD75m2aFuwmorbUs HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBM-OG6sUSLvEAYqu76Um2A&google_cver=1&google_push=AXcoOmQqU-GwdpiF60zjdeBWGltdkLLU8i02lOCZnJKnyOAjgT-dFZTBk9BatkX6MbDLf9wavhoBbOUkDi52P1WAD75m2aFuwmorbUs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RWFvdnNLMkIxUjJSa2s1&google_gid=CAESEBM-OG6sUSLvEAYqu76Um2A&google_cver=1&google_push=AXcoOmQqU-GwdpiF60zjdeBWGltdkLLU8i02lOCZnJKnyOAjgT-dFZTBk9BatkX6MbDLf9wavhoBbOUkDi52P1WAD75m2aFuwmorbUs
Request Chain 488
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPPkTwnWSMg7g85Za8cXiu0&google_cver=1&google_push=AXcoOmT5KVpVFV2WPWFj8mzIqxGTZ1arQj1q-xBo4mr4FuQfmyOowAwGt9OheiYNguJzeUNrFb1vOzr23oV7axvT9LYbaj1eVFnIKJ4 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPPkTwnWSMg7g85Za8cXiu0&google_push=AXcoOmT5KVpVFV2WPWFj8mzIqxGTZ1arQj1q-xBo4mr4FuQfmyOowAwGt9OheiYNguJzeUNrFb1vOzr23oV7axvT9LYbaj1eVFnIKJ4&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT5KVpVFV2WPWFj8mzIqxGTZ1arQj1q-xBo4mr4FuQfmyOowAwGt9OheiYNguJzeUNrFb1vOzr23oV7axvT9LYbaj1eVFnIKJ4&google_hm=aEhZU1ZrWmg3b3dlSHNmVWJjV0E=
Request Chain 489
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJoMzzr0qXaRwQ3-9Cyahgw&google_cver=1&google_push=AXcoOmT9hHwlesEr4VbVnTBNfuBbKm8JOFKwrf3UFly8wjkWcNg4SjH9dft71MYaJ2VkdVlPMlq4Z_HU_ANSWv8wZBPz_zpoCj39QWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=M24NVg__WRVaKUT8W4z3F7Ki0Ys&google_push=AXcoOmT9hHwlesEr4VbVnTBNfuBbKm8JOFKwrf3UFly8wjkWcNg4SjH9dft71MYaJ2VkdVlPMlq4Z_HU_ANSWv8wZBPz_zpoCj39QWA
Request Chain 490
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGpC0Sr6hUQKU9REikBOhLI&google_cver=1&google_push=AXcoOmQEEESHYUGjN7SzuL2hsBOjjtL9HzWIxl6tV1O2_orbaGPxPRRfTZk4p3viUMZXrtm3J4YaTXkbaDTOejmp5X6Ufpf1SBnPMlQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQEEESHYUGjN7SzuL2hsBOjjtL9HzWIxl6tV1O2_orbaGPxPRRfTZk4p3viUMZXrtm3J4YaTXkbaDTOejmp5X6Ufpf1SBnPMlQ
Request Chain 508
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=4d3a3184c6a44799b185fff03656f84d HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4d3a3184-c6a4-4799-b185-fff03656f84d HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=064f3d94-ffd7-4d49-b8da-e7f854efbc34%3A1699960291.7912211&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D064f3d94-ffd7-4d49-b8da-e7f854efbc34%253A1699960291.7912211%26_%3D1699960291.7932398&cb=1699960291.793274 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527451842434&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D064f3d94-ffd7-4d49-b8da-e7f854efbc34%253A1699960291.7912211%26_%3D1699960291.7932398 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=064f3d94-ffd7-4d49-b8da-e7f854efbc34%3A1699960291.7912211&_=1699960291.7932398
Request Chain 510
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVNV3Q3t9Eex1CBZrRTnsgAAFGYAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVNV3Q3t9Eex1CBZrRTnsgAAFGYAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVNV3Q3t9Eex1CBZrRTnsgAAFGYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBfxMY3va6lJgW3-eGPuUmk&google_cver=1
Request Chain 513
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222
Request Chain 514
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715685089&external_user_id=70bc47d6-6da5-4ed3-91f9-1c2b6896ecde

516 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
twire.gg/
Redirect Chain
  • http://twire.gg/
  • https://twire.gg/
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fac6996dd2267a402f0484adca75de4c96fd4d35b6f499b6698466ed99451d74

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84
content-length
6115
content-type
text/html
date
Tue, 14 Nov 2023 11:10:00 GMT
etag
"b03caa181cd2e8cb9fae1bd6a03391db"
last-modified
Wed, 21 Jun 2023 10:02:21 GMT
server
AmazonS3
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-id
wulR7iP9wcMCW8Dw_B-uPZF3HsNO9sEPYyOZCYeWRaOfGXq2VnbPLA==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Tue, 14 Nov 2023 11:11:23 GMT
Location
https://twire.gg/
Server
CloudFront
Via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
X-Amz-Cf-Id
4nnHbrWJ83T1fZ3pRmMyUsVsdHDlS6nzQ_sAzP6enyM2Ul2kJG3KJA==
X-Amz-Cf-Pop
FRA56-P5
X-Cache
Redirect from cloudfront
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TGS0SKWZ8C
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca75b50f3af4ac3766b5a121f506782595a346caad6023436ccb68dde7b56897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85875
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:23 GMT
2.10a7b77b.chunk.css
twire.gg/static/css/ 		60 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twire.gg/static/css/2.10a7b77b.chunk.css
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff5d1a24c075eabe4b1ee31825e2f76b6c55aac8abecdde21f5a4567189cf70d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
286
etag
"c630660f5beccdd885080e9024018f03"
x-cache
Hit from cloudfront
content-type
text/css
content-length
61195
x-amz-cf-id
9GofxoV2fU4iJw_2FDSDF5qZ4pBB_dgdxPy7vj37qOAZh9pjj13yzQ==
main.fe7ef793.chunk.css
twire.gg/static/css/ 		364 KB
365 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://twire.gg/static/css/main.fe7ef793.chunk.css
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4212de2981b28f1fa76a6c1b88a8b2219c8998c7f0c3ef22ff6e7f82a63c3f1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
286
etag
"e528a32673aacd7e01693d8134b58397"
x-cache
Hit from cloudfront
content-type
text/css
content-length
372833
x-amz-cf-id
OO6ijVy3_ANkpjBtuygEOGc06pE0QdA6kG6KadflesH1vdgieIzZug==
2.a0767e72.chunk.js
twire.gg/static/js/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://twire.gg/static/js/2.a0767e72.chunk.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd32bd6c0095ddf2ab3ea5aeb96e3c6f107946d7ed33dc8a3992d9cd5085f0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
286
etag
"783bb0a6a1f0864a644491635878927d"
x-cache
Hit from cloudfront
content-type
application/javascript
content-length
2552770
x-amz-cf-id
fGMUnqT_k89gCzePzjV6jiN-uPPbrX74I8ezNLdwQ-Ly74xVOdJTJQ==
main.261a2727.chunk.js
twire.gg/static/js/ 		627 KB
628 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twire.gg/static/js/main.261a2727.chunk.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4f230269822236113ecde61a3f6c70dd08fff83314467021aa058d6e1f6d2fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
286
etag
"c99d688c7457f4279d9e984169a851f2"
x-cache
Hit from cloudfront
content-type
application/javascript
content-length
641990
x-amz-cf-id
5X9uID0kkw5F8FUEI3Fusj4gkTZcPZz31CVqJCbYM_vFo83sTc9yJg==
gtm.js
www.googletagmanager.com/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDKRHQ2
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e42d362386dbc519c8ab9d033c98d0df5c047ef1070d97fb49ed65ca6d7360f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68032
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 11:11:23 GMT
1et2vo146
embed.tawk.to/6011ea7fc31c9117cb73359e/ 		2 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/6011ea7fc31c9117cb73359e/1et2vo146
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3fcbdaf7baea9cbaadf75cbe17eec5fe82a7b0c9b1511e7378cabbed998b24
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
server
cloudflare
etag
W/"stable-v4-653fa0ef1ea"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
825ed039dbd49064-FRA
alt-svc
h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Nov 2023 11:11:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
u8LVPyqye4Z/ZqtpSllCMhyH2t7QrUX/9j07389zBTHjIzaVRjMX/eDl0qLnBOov5ubpNKOJ6guDFd4z6OpZ/w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
63607e6ee59ca5168704116719ae0d01.js
scripts.cleverwebserver.com/ 		152 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/63607e6ee59ca5168704116719ae0d01.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b754d526ef26265fa0f7d4ad271c17f57c00ae80076eac46aae9a03a80d847

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
x-amz-version-id
VKePouGYBkEnczToadOgcTiO7tfbPbm9
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 19:01:48 GMT
server
cloudflare
x-amz-request-id
899JTC1ZT2FQVTMK
age
650
etag
W/"d4434e7a1614d46ee27f1a4cec0131ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
825ed039fc2d6903-FRA
x-amz-id-2
SkHQ37fctuhZ/gS2C0/rzGeXyuiYiLKJCM3/jI4cbVnRrmXG1BVeYw3bC/RSh84nS/wMUrykpnE=
expires
Tue, 14 Nov 2023 11:41:23 GMT
hotjar-3175073.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3175073.js?sv=6
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-10.fra56.r.cloudfront.net
Software
/
Resource Hash
809fe664331ac3595eb7325295d42c43584df79fc140bcd2f48359b931f2753f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
8
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/b4a698b1bc2879f35440f6045693c4af
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
rWcCzSR8i5aIx6Go7WAVZuUx0GUf-LjkB7jiotTgOCDToJAf62BaZw==
modules.4fff30a11f83c70bc2a1.js
script.hotjar.com/ 		225 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4fff30a11f83c70bc2a1.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3175073.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
a603b2b20c78990ff3b6b9e99a5d303b936d8885950ced8135df87c23eff4f20
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 12:03:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
428897
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57093
last-modified
Thu, 09 Nov 2023 12:03:05 GMT
etag
"90fe477ee0715709dc5b1153c76d0f7a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
12G4FnlYtbLIUh5LzFK23CY8P2O-znUMV-2VB5ATiINEySx5pRWRTQ==
1359949434375907
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1359949434375907?v=2.9.138&r=stable&domain=twire.gg
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed385b8cd20466568e23146465e67ac9f063112263b85616c696ca40cd8c18ce
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Nov 2023 11:11:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
KhoCfGIW0QD0G0J3J3c8iBJAX3CkH8BIErhbfvOMhiYi36NqB9I+t+TFZjn0IssM5TaZTLCzHhyyBOVAW6/Tww==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ui.cleverwebserver.com/ 		160 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6995e8349679d5a2cced78a0dd1c8e3cdd06103da575cfb1164be431495e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cf-ray
825ed03a7ca06903-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TGS0SKWZ8C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDKRHQ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58878384a25530a6b2f771d1956daef366585f69018f0bec2b965fc6f9b52b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85969
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:23 GMT
v3
js.stripe.com/ 		552 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/2.a0767e72.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-113.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b2f9d40677eaea428eb387e6eddf9d171187e9a7a6fc23865fea6652a11f9a5e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:10:51 GMT
content-encoding
br
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
34
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
last-modified
Mon, 13 Nov 2023 21:47:07 GMT
server
Cloudfront
etag
W/"745e82fbcfeb5b677809d10fe5a0146a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
Fl40ShQTXEIWKSkzG1RlXOUrgkwm7rB1jw9wMvsF0wH_cLPPDt4PCw==
loader.gif
twire.gg/images/animated/ 		549 KB
550 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/images/animated/loader.gif
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef29b9f9460612eadb83cd3200a11b5758da32758d749a41b03bb1063dbf4148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Thu, 30 Mar 2023 09:30:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
278
etag
"3bdae298494ae281ce5e3cddeee531d0"
x-cache
Hit from cloudfront
content-type
image/gif
content-length
562503
x-amz-cf-id
Moou_KeCrtC1rj696QeLEBjcnfqR9PqKrHgdUyy35sZgZ6EuI_bV4Q==
logo.png
twire.gg/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/images/logo.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5df2fa7fd62d8dca0e164d3512c88a4b0b911af7a9f465f2509ea8528d8c87b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Thu, 30 Mar 2023 09:30:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
278
etag
"4babd0699a0dc52a14e486eedecfd17d"
x-cache
Hit from cloudfront
content-type
image/png
content-length
4271
x-amz-cf-id
EnzDEsfM-Qtt59BpzgHfe1WGuISdzHYjtwGPAff2DTu8osP_nwTR4w==
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cec791016f6953833b54fd9dc33c877a9b74290cf57da24acc9a58d803d2fec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
OpenSans-Regular.1b0809d5.ttf
twire.gg/static/media/ 		95 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://twire.gg/static/media/OpenSans-Regular.1b0809d5.ttf
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/main.fe7ef793.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Request headers

Referer
https://twire.gg/static/css/main.fe7ef793.chunk.css
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
278
etag
"3ed9575dcc488c3e3a5bd66620bdf5a4"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
content-length
96932
x-amz-cf-id
beh2StjKq_S9u8KM-0PsHc_en-ZXG6CxJqCbLAHwyH3T06ZpZAyk5g==
Fort%20Foundry%20-%20Rift-Regular.81af222e.otf
twire.gg/static/media/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://twire.gg/static/media/Fort%20Foundry%20-%20Rift-Regular.81af222e.otf
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/main.fe7ef793.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bbd6854e9ed99d0999bc1ccdd606805c23463a2c485ec2d28c2266d7f5df4ae

Request headers

Referer
https://twire.gg/static/css/main.fe7ef793.chunk.css
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
278
etag
"f37ad06e269b68edd89dc2a67be1f57c"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
content-length
36360
x-amz-cf-id
kWbLpXA-GLO7fGzGebjJ7GovWdA1dVNH80ozvOzQB4ADIH7_pOGe4Q==
Fort%20Foundry%20-%20Rift-Bold.f4cd0620.otf
twire.gg/static/media/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://twire.gg/static/media/Fort%20Foundry%20-%20Rift-Bold.f4cd0620.otf
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/main.fe7ef793.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d24331b9ebae99b7c1a4f488e97e823f7efb8a4a9088911b8974dbbb9b34675

Request headers

Referer
https://twire.gg/static/css/main.fe7ef793.chunk.css
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
278
etag
"c353c4fb836f184184b622baf00b15ff"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
content-length
36600
x-amz-cf-id
m6LFV7re_BkMwWSnHolwWiL-s8NWfQV0sfuwoNX9ciq-45bFReMn8A==
translation.json
twire.gg/locales/en/ 		14 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://twire.gg/locales/en/translation.json
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/2.a0767e72.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
391734995276c705320f4128fb5479b2f3c8e308bc19637e3912db8887fbd7ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Thu, 30 Mar 2023 09:30:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
278
etag
"12aee4fe5ab7e882f8d3c5edade8d787"
x-cache
Hit from cloudfront
content-type
application/json
content-length
14770
x-amz-cf-id
h3V7PZCiQgmYe0UAy9no842L0UUKsVhSTWxfaKBYwjesmk_6_AkdMg==
gb.ba1c7f5d.svg
twire.gg/static/media/ 		538 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/gb.ba1c7f5d.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"d3ddd6025a06a78535b0d432d14905bf"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
538
x-amz-cf-id
t-Pv7FIYQBIFRjgsmj592Gd8jVjEYeap8CN-TPv5TC2deUiKA0849Q==
es.1a25a96e.svg
twire.gg/static/media/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/es.1a25a96e.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab3d438837b7f1c4ebce6980cc9274cd2e6adcc8af9be6f5cfc47ef2c4c464e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"50623e6a761b392b5381ce35e8a77f99"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
90819
x-amz-cf-id
lHFeqm4xXVPkn_DSsqTveN7IozD_wm6I9o8tbapE-YzCeVYALCi0kw==
jp.19c631c1.svg
twire.gg/static/media/ 		474 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/jp.19c631c1.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e759dccba5bc383814ab190daba0d12ef591ad9f161502a47222c2eacf770606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"3e72015c537875435192c3b2d832042e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
474
x-amz-cf-id
DtjDejyLU7NyCgDTm3sXgYWAnGhBQkZCw-2soEpiV6fX19Rnkzx2vw==
kr.939387c3.svg
twire.gg/static/media/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/kr.939387c3.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3162c67e01704d06fd77d78fefeb5937fee5f4ee326d369da13a5b25b75db16a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"60fde7fc2f6005c1131b87ce63370ffd"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
1822
x-amz-cf-id
bTnidAMQjprnaAYmMqVbZBLDpGo0gccQUYogwBUWaQplhXq6CoDBDw==
br.5ec13287.svg
twire.gg/static/media/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/br.5ec13287.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5626545274de6de8e4e2c0f800b7b664bc3521f0ee9bc98547f3cbec3effe2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"87032851c3532c9dd64f20f4bee155a9"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
8097
x-amz-cf-id
PyGB_5zZbytY2wXUOAdRa65b4Dhw1qaHHd_9o5rEQh-KcNGKJBktaA==
th.b6ade2be.svg
twire.gg/static/media/ 		287 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/th.b6ade2be.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e206b563d27b5a7a3f7cabf944d6d278e6e8640018a72ce7b7ff989f1396df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"76fca72f6d180d3f14a55653b8937b5e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
287
x-amz-cf-id
xry3uF5hDnMy_N9MQnUTvXo4btrw26RBoyBZ6dh_5IZPAd4EhHfawg==
tr.2880fc8e.svg
twire.gg/static/media/ 		554 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/tr.2880fc8e.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
033a416ecc30a516c54c6a0fac2d212a38fb051e5976cda49eb9d22264814a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"ed6d5f37779af38911b0b7cb2212e30d"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
554
x-amz-cf-id
mmbFGjoluHTbRoSPR6ut1kNDL6-DZvKHdj5oeQzXLZSiBg2iMg6j1g==
vn.2301f6f4.svg
twire.gg/static/media/ 		494 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/vn.2301f6f4.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1768f5ce4bad46f4907f598e6097e6e1340500f4d7d75a76266f3e6ab9463d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"6b3aef51e8b58cf029a85087e87591b5"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
494
x-amz-cf-id
9Inb8xlVdidyvCcpvwVJW8MbtIyRoDoNQYdRup9tIshxQm45tZzwJg==
cn.7977e12a.svg
twire.gg/static/media/ 		801 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/cn.7977e12a.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e80d714480a795617992d733d0678e5ad5025f8852b35d20a402a78fce4ccaf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"02c229de4d98ea1668384d2ed4cc558d"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
801
x-amz-cf-id
t876jdiUHTocbv_DZHHw17ItBTXeHhKFGx0hEOlkd7cb9JB-qvwGMg==
si.7f576d87.svg
twire.gg/static/media/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/static/media/si.7f576d87.svg
Requested by
Host: twire.gg
URL: https://twire.gg/static/css/2.10a7b77b.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25487f7aa91f115d558f031ffaf0d399924b032100d24d467c3bd1cb026d9001

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/static/css/2.10a7b77b.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
228
etag
"31fbdc5b5842cfa094afed00d9baf083"
x-cache
Hit from cloudfront
content-type
image/svg+xml
content-length
2053
x-amz-cf-id
fCxmWfUrYCoS442-zcO2gFynBdgnc8cyRaYFIdGw7c7ZcUE1Ksom8A==
team-ranking.json
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-ranking/ 		11 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-ranking/team-ranking.json
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/2.a0767e72.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b2728aa1c71b950cfd17ea8c387fc4c5dc0aadea367d706df3a4060d8e9c426a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Fri, 10 Nov 2023 17:37:02 GMT
Server
AmazonS3
x-amz-request-id
C7FCD7XMSM186JJB
ETag
"1bd9b2ad249065a7f0a861b8d4a913d3"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
11119
x-amz-id-2
cAIMWJ9nhc8CSzbWKEbc0TMmTH2tX1L7hQxbcN0acC/gzKruIgzSNhAe3udjUdRbJ1dJ+xprc0cuYNt5Bo/Bhw==
power-ranking.json
twire-assets.s3.eu-west-1.amazonaws.com/pubg/power-ranking/ 		659 KB
659 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/power-ranking/power-ranking.json
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/2.a0767e72.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bb9ead60188b7765764271169544188f8fd34e29c950417b6ac4e0a9715c81f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Fri, 10 Nov 2023 17:35:16 GMT
Server
AmazonS3
x-amz-request-id
C7F1AKYRV56XHR6T
ETag
"ec0c6b16fd217eba206a9c7a78a0aea0"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
674488
x-amz-id-2
Oqyp/PjVrZZdmoJ9XDcSxzwKzjXxZzV/kwGdXPCINRqXYqMpD8TKSukH+zv0gxDczFVhDvupGjSh8e1SUhhJmQ==
graphql
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/ 		494 B
914 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/2.a0767e72.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash
e3281c56225b0ee167aa10f945162d5c5959fc64ab8bdc0021c08a5816ef6f68

Request headers

accept
*/*
Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
x-amz-user-agent
aws-amplify/2.0.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Api-Key
da2-vqpq6wms5ndbvhl2r7kvzbpmfi
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
1
date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
58145853-b83b-4659-bf99-260e1b095bb7
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length
494
x-amz-cf-id
PlnY9eo__s-R2UYhjqmef6i-iIZ9RqPU1cV-T1m7au8jk2BPLAOA7Q==
graphql
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/2.a0767e72.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash
51e3f9911fe5c56a5e4fb256ba68317be599a614ce258650dc4cf15322b4fedb

Request headers

accept
*/*
Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
x-amz-user-agent
aws-amplify/2.0.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Api-Key
da2-vqpq6wms5ndbvhl2r7kvzbpmfi
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
1
date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
gzip
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
5c0c548b-caa3-4b30-9bd0-1d666152fb1f
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
x-amz-cf-id
yCF_OUvoEsMkbg6DAEEAh3dK4g8KDPhEFH946ii88-7wl_ZknR7SSQ==
graphql
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/ 		17 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/2.a0767e72.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash
469e718efaeca9adbf4cf853c1f3695435a83177a30f9b86cb68550cd50fb7d2

Request headers

accept
*/*
Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
x-amz-user-agent
aws-amplify/2.0.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Api-Key
da2-vqpq6wms5ndbvhl2r7kvzbpmfi
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
1
date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
gzip
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
79989c2b-167a-4bf7-a3a5-c59ccc869233
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
x-amz-cf-id
FMyqvU7dtNb-71_Sz6v_X7Vnwg0YHGwiPXlvZcKWH0B67Pj1sU-jbA==
graphql
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/ 		5 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/2.a0767e72.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash
82e62e4e13c01a465e99e3936f4045109ecc591441f71f9b2b1769367cb9f8f2

Request headers

accept
*/*
Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
x-amz-user-agent
aws-amplify/2.0.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Api-Key
da2-vqpq6wms5ndbvhl2r7kvzbpmfi
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
1
date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
e48dfc46-3f26-4b7b-9847-d5819114c46f
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length
5607
x-amz-cf-id
6y26d9MYQRYH_8EH-x3eRchaXPeAUVqt56GwWGKOYtb74DqK-SjhNA==
graphql
qu2qygng5zf4zbzt6j3wesx6fy.appsync-api.eu-west-1.amazonaws.com/ 		34 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qu2qygng5zf4zbzt6j3wesx6fy.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/2.a0767e72.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-2.fra56.r.cloudfront.net
Software
/
Resource Hash
980aaab4d8045ba522cf21175206f19ab377e582349e45bc1d9b2038f3761433

Request headers

accept
*/*
Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
x-amz-user-agent
aws-amplify/2.0.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
X-Api-Key
da2-76ksxkwekrcm5bn4divdkgspoi
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
1
date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amzn-requestid
b2dbd053-2890-4c5d-b6f5-b0b709c9fa1e
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
x-amz-cf-id
aY6Tt-IxRM0qE8RQmqwYVzEBFjGL8sOqKWNv3xxU3u3NxSMJ2txafA==
twire.adn.js
adncdnend.azureedge.net/adtags/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncdnend.azureedge.net/adtags/twire.adn.js
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/main.261a2727.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D05) /
Resource Hash
37e4f2e779cf4b5ed577553219d2859da20bb1f4fa49f19e18bf69fab3c7a638

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
gzip
content-md5
BTtOlhHJKAparBs1Y7/cXA==
age
2995
x-cache
HIT
content-length
4079
x-ms-lease-status
unlocked
last-modified
Wed, 26 Jul 2023 14:06:35 GMT
server
ECAcc (frc/4D05)
etag
0x8DB8DE185EFC575
vary
Accept-Encoding
content-type
text/javascript
x-ms-request-id
b26c7447-601e-009c-5ce4-16a53b000000
cache-control
max-age=86400
x-ms-version
2009-09-19
expires
Wed, 15 Nov 2023 11:11:23 GMT
Twire_ADN_Player.js
adncdnend.azureedge.net/adn-video/ 		390 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adncdnend.azureedge.net/adn-video/Twire_ADN_Player.js
Requested by
Host: twire.gg
URL: https://twire.gg/static/js/main.261a2727.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA4) /
Resource Hash
c42b50789ee613acb6fa2dea19e101a830a9c5c3697a8ded7d2e1cf11f790002

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
gzip
content-md5
d/myqqQmWIpw+Wu/Ke7NwA==
age
2995
x-cache
HIT
content-length
273
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 13:59:12 GMT
server
ECAcc (frc/4CA4)
etag
0x8DB14DCFA6911F9
vary
Accept-Encoding
content-type
text/javascript
x-ms-request-id
86123df3-701e-005b-23e4-163166000000
cache-control
max-age=86400
x-ms-version
2009-09-19
expires
Wed, 15 Nov 2023 11:11:23 GMT
graphql
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-user-agent,x-api-key
Access-Control-Request-Method
POST
Origin
https://twire.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-user-agent,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-id
ZWlK00403NlYrW4OfN_XOL1PaxGJnZhxrhI0fG1NcAbuX5I_NNY5WQ==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
71505a74-404f-4f9b-bd0a-e8e00f2894e0
x-cache
Miss from cloudfront
graphql
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-user-agent,x-api-key
Access-Control-Request-Method
POST
Origin
https://twire.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-user-agent,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-id
XZDD5jbAQ1Vj7Ti_0GgrDdGONloZb8wWkdY2q5QjZ5jGQKImiKGIYQ==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
88e1f391-7cb5-45b9-afda-ef6c1b989ac0
x-cache
Miss from cloudfront
graphql
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-user-agent,x-api-key
Access-Control-Request-Method
POST
Origin
https://twire.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-user-agent,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-id
9RrvHwM2hA_cXWN21B8zSWEIffzpHLUKxOYzCGwTOslWdxpAIGMa5A==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
61e13cd1-2d82-49c8-ad56-02871cc63507
x-cache
Miss from cloudfront
graphql
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-109.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-user-agent,x-api-key
Access-Control-Request-Method
POST
Origin
https://twire.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-user-agent,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-id
Ysrn_358Ntg4UDqMIeb2yCTRYpirw7YqeQSLd_GgWXpQJOKwqPS3NQ==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
0ff18103-7368-4323-b2b7-e02e17d2bbfc
x-cache
Miss from cloudfront
graphql
qu2qygng5zf4zbzt6j3wesx6fy.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://qu2qygng5zf4zbzt6j3wesx6fy.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-2.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-user-agent,x-api-key
Access-Control-Request-Method
POST
Origin
https://twire.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-user-agent,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-id
hOZxAtLu0AllrFhjNQsT_BpS4dSX7SiOK_XI6HxRWtUUdF6B0MpmuA==
x-amz-cf-pop
FRA56-P2
x-amzn-requestid
a5fccce1-8bb6-411a-bff5-22e88bec8c87
x-cache
Miss from cloudfront
collect
region1.analytics.google.com/g/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TGS0SKWZ8C&gtm=45je3b81v875074973z89115858161&_p=1699960283130&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1383128441.1699960284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699960283&sct=1&seg=0&dl=https%3A%2F%2Ftwire.gg%2F&dt=All%20about%20PUBG%20Esports%20%7C%20Twire&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGS0SKWZ8C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TGS0SKWZ8C&cid=1383128441.1699960284&gtm=45je3b81v875074973z89115858161&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGS0SKWZ8C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TGS0SKWZ8C&cid=1383128441.1699960284&gtm=45je3b81v875074973z89115858161&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=614829001
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cube.html
lp.cleverwebserver.com/bet365/de/sports/sports_de/ Frame 5B1A
Redirect Chain
  • https://sender.cleverwebserver.com/group/69340?id=771567&ref=aHR0cHM6Ly90d2lyZS5nZy8%3D&ruri=&r=506752552&tok=33419711310201791433&t=1699960283&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2...
  • https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72821928d50858a5770b1e950d7f02d5ee9ca751cae5de1735ec6db86efe0857

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23258
cache-control
public, max-age=28800
cf-cache-status
HIT
cf-ray
825ed03ddfde6903-FRA
content-encoding
br
content-type
text/html
date
Tue, 14 Nov 2023 11:11:23 GMT
expires
Tue, 14 Nov 2023 19:11:23 GMT
last-modified
Mon, 06 Nov 2023 16:52:43 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
lcCTXaGRone8ZtRVsgvjVrNzqNrpuFlDGpGqZAmaTitCb4ZHksu/aOiMFr7IgVVJGb1TRC2VZVk=
x-amz-request-id
MD3KD1EPMH10VR8F

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
825ed03d5f736903-FRA
content-type
text/html
date
Tue, 14 Nov 2023 11:11:23 GMT
location
https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
server
cloudflare
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
968041f897626b49023ad546fc20c96b529edf127da5552a2fcd22650d5d853d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/x-icon
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1359949434375907&ev=PageView&dl=https%3A%2F%2Ftwire.gg%2F&rl=&if=false&ts=1699960283728&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699960283727.2063502979&ler=empty&it=1699960283238&coo=false&rqm=GET
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 14 Nov 2023 11:11:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
call.cleverwebserver.com/ 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=69340&c=DE&r=HE&l=445&b=Chrome&os=Win10&mob=0&v=1.55.3&ref=aHR0cHM6Ly90d2lyZS5nZy8%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
825ed03d8f8f6903-FRA
content-length
43
content-type
image/gif
twisted-minds.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/twisted-minds.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
97260d3e031f669f4d945873d3ec99848fd9b7917c1e5b7bc67830db215be772

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Thu, 09 Feb 2023 17:43:07 GMT
Server
AmazonS3
x-amz-request-id
C7FC1C4W7Y1MA5KR
ETag
"8d452cfe756e6bd8064257449a397168"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
21200
x-amz-id-2
yYpzy59eJFdzVHQVE/1Nx4CMiIV0yqph0jzptKeRM1+y9R05zYLtgPwCca1LjnUAUi4UTx5WkwJOIJD08VdhVg==
danawa-e-sports.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/danawa-e-sports.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
53d2445e82b5abfeb2a5b4f3fc30c9bec4fc92ead2423fafe5871e7457d2d160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Sat, 30 Jan 2021 15:39:46 GMT
Server
AmazonS3
x-amz-request-id
C7FCTSPXXMMM195F
ETag
"e5909d021a00b8b38b142b10c31e8afd"
Content-Type
image/png
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
89138
x-amz-id-2
l1fbcroOpnbX0XV2cW9Qr056TY/5M/kQ+IbEFk+SwMgUPrIO4X1SJ8Rbe3MMq7rEKa4bBR+StYB3V1rmXLHNrg==
soniqs.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/soniqs.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
25084fe9dbaf744d6b75a4835140317a965b0b1b69e11eccccdd31ea9d08d65f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Tue, 06 Apr 2021 22:59:42 GMT
Server
AmazonS3
x-amz-request-id
C7F1JV40D9669R1R
ETag
"4af1afeaab66b908dfb8af7bb4faed0a"
Content-Type
image/png
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
24953
x-amz-id-2
QFGbIesoBoBKgIYgVngO3yyhbkuSbzVu3ouc08PjjLG3N2EchetprmbT+v7cP36jcD/x5eE71DpGYXzj/9P6Fg==
question-mark.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/question-mark.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9857ddef881abf3c6b38ed88513a1c281d7d83792416a72d1eee20fa08ac8762

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Mon, 09 May 2022 14:37:18 GMT
Server
AmazonS3
x-amz-request-id
C7F719MD6C0PEV06
ETag
"d45ed7db63c86965971a6bd5271f4ee6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
35086
x-amz-id-2
x1XJuaQXm7YGp/I9jdIy8FgleQU01Vzqohl99NKCosr9Q2+bixburojJMKLLQ0jGv6hGoQrQWRBRjHdGUE3a8g==
17gaming.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/17gaming.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e720e3a72e34dac73187012258589e6a00b7825aee443d90fd622e2db55c3dc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Mon, 25 Sep 2023 09:26:10 GMT
Server
AmazonS3
x-amz-request-id
C7F8B8EFN5GJHV13
ETag
"e09b7a0c0cf5b2bfb7c88f69290fa7a5"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
22487
x-amz-id-2
8VIqQlDcK3hEAhC6T8kREa3o9zPvPb/ek1vvAEbo5VQC4hP2C+uvS8CxKK7OUhySY5ngC9rbfE009uiMF7lmBA==
cerberus-esports.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/cerberus-esports.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
abdfa3848f7a4fff604e12cb77934b4e95d0febad87d6b0eac84acc7b18591b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Thu, 17 Feb 2022 09:41:10 GMT
Server
AmazonS3
x-amz-request-id
C7F64BT523ZMY4JK
ETag
"c049d0a325df53c93ccdf49ef2ad1527"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
45515
x-amz-id-2
UibTORNOvCyZ7a97iYulqul/bbAaMyLwqWaUgQUoYsMW47Df6fO89c6wlu5vt0NBXyNQkAX/vjMiGYK4xxPtIg==
theerathon-five.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/theerathon-five.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e9d648da3f5b522a792fc73dee36fb3b39429fadbb4438151eafb3fa2741469b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Mon, 14 Feb 2022 08:37:43 GMT
Server
AmazonS3
x-amz-request-id
C7FA39P62VEV52XP
ETag
"be4083680bc640f59d748635a1cabd3d"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
22733
x-amz-id-2
Ra8qt7EB+T+pf/1IGxJ0l7AzidVe38FN8txF/04OB9OkLpvxhgCRHJUVbWQw00g3y7IrZhHF9GFDx1hWjGXq+w==
tianba.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/tianba.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
13915f69c62ce808f8cecc372dc6e4414d782ba9a644c37ac1b9c138fb509216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Sat, 30 Jan 2021 15:40:00 GMT
Server
AmazonS3
x-amz-request-id
C7F1KJN849H65XWR
ETag
"200e3b608dc9699e2fa58608ca6ce903"
Content-Type
image/png
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
83720
x-amz-id-2
Ji6ZfX0OKrIcWWyJRorxkEypJ1xy9czEO1n5eIjWeLTicNiAw2x6gcQJkJ9oGasVXO0cI5638C1BJiDkULeskw==
luminosity-gaming.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/luminosity-gaming.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4751c1c35ef1c500515f2dbb4075bd432acc0a933832adcd86defb01616012d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Wed, 06 Jul 2022 18:39:25 GMT
Server
AmazonS3
x-amz-request-id
C7F5SWM7Q24ZN2H4
ETag
"4d321c23aaa18ea0ab139edbe1fd40b3"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
37696
x-amz-id-2
YPWXxEuUCoNGzdjIMpwrFuB/HUT+IYnPqR6eNHKf+mSZDkTPH/Fq7u8Rf3qrf21RKklQbYu+BnrlxUyjrNnztA==
faze-clan.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/faze-clan.png
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0063c2f012180ed77f6b0e766972ef32e6b29a7a680ae2664b26d9e0128c1271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Mon, 04 Apr 2022 15:38:20 GMT
Server
AmazonS3
x-amz-request-id
C7FBJ0ZB3KDSF0H8
ETag
"92c8effe5b4d2a40191c49652f2321af"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6278
x-amz-id-2
/vzBb1aRIusOvEjZ7cEshSRY+sHOUsxlcH6BrKYSAcu+9DqB7jDgbtoSXgd16mnt+l6sIN8aDVU6o4sEREkTvg==
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1359949434375907&ev=PageView&dl=https%3A%2F%2Ftwire.gg%2Fen%2F&rl=&if=false&ts=1699960283851&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1699960283727.2063502979&ler=empty&it=1699960283238&coo=false&rqm=GET
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 14 Nov 2023 11:11:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1359949434375907&ev=PageView&dl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&rl=&if=false&ts=1699960283862&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1699960283727.2063502979&ler=empty&it=1699960283238&coo=false&rqm=GET
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 14 Nov 2023 11:11:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
twire.gg/
Redirect Chain
  • https://twire.gg/en/tg1.aniview.com/api/adserver/spt?AV_TAGID=63ee40ba55a95e7e590cc1e6&AV_PUBLISHERID=601d9a7f2e688a79e17c1265
  • https://twire.gg/
6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twire.gg/
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fac6996dd2267a402f0484adca75de4c96fd4d35b6f499b6698466ed99451d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/en/pubg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:10:00 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 10:02:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
85
etag
"b03caa181cd2e8cb9fae1bd6a03391db"
x-cache
Hit from cloudfront
content-type
text/html
content-length
6115
x-amz-cf-id
LP84xkqdUPoZMzqHFgBZvucqTWEkumE1JUt2zs-qA0OHEuBG1scmlw==

Redirect headers

date
Tue, 14 Nov 2023 11:06:59 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
265
x-cache
Hit from cloudfront
location
https://twire.gg/#!/en/tg1.aniview.com/api/adserver/spt?AV_TAGID=63ee40ba55a95e7e590cc1e6&AV_PUBLISHERID=601d9a7f2e688a79e17c1265
content-length
0
x-amz-cf-id
KJMxPnBbGxF9Wraw7lVM-U-9qyHBlgw2tDSx3N-JgwQWlHONAhPVIg==
prebidLibTest.js
adncdnend.azureedge.net/adtags/ 		506 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/twire.adn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D04) /
Resource Hash
2477947e77bb948ef86cb677ee6ac9332641d29ac3e216f894a3600209a3a798

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
gzip
content-md5
YQ53NT4U53zrFmWrVUrr+A==
age
4681
x-cache
HIT
content-length
165745
x-ms-lease-status
unlocked
last-modified
Sun, 24 Sep 2023 08:50:21 GMT
server
ECAcc (frc/4D04)
etag
0x8DBBCDB49464D13
vary
Accept-Encoding
content-type
text/javascript
x-ms-request-id
f1836a71-b01e-0044-0de0-168262000000
cache-control
max-age=86400
x-ms-version
2009-09-19
expires
Wed, 15 Nov 2023 11:11:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/twire.adn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b5db1ae2f95cda3c7b04f2b1403181a9578dc3f3d67bf351702210ce94835e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31895
x-xss-protection
0
server
cafe
etag
640 / 19675 / m202311090101 / config-hash: 16380516175442994445
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 11:11:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/twire.adn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 10:23:07 GMT
content-encoding
gzip
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2898
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
_u-B0pg3AWTHbvzAwStI6AlFzfeFpsHEVSlKEQuoKbOExOy7zvPHyQ==
bg-300x250.gif
lp.cleverwebserver.com/bet365/de/sports/sports_de/imgs/ Frame 5B1A 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/sports_de/imgs/bg-300x250.gif?v=2
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6aa7d165924c00e7e3d1ab6e9306e7dda76713e0670ef6c4a28776161332fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
cf-cache-status
HIT
x-amz-request-id
5DD43RCQCP3K0EGB
age
15209
cf-polished
origFmt=gif, origSize=54793
content-disposition
inline; filename="bg-300x250.webp"
content-length
27370
x-amz-id-2
h9jPc5/Km1zi56GDwDUX57m0xnOo2ZJiHlRz9WFCtKXkT63ET0w3gvv1JMG+QVjbv5ct1WuO5So=
cf-bgj
imgq:100,h2pri
last-modified
Wed, 08 Nov 2023 14:33:01 GMT
server
cloudflare
etag
"cadf6cb7ad28d331e032bdcc4e73ab17"
vary
Accept
content-type
image/webp
cache-control
public, max-age=28800
accept-ranges
bytes
cf-ray
825ed03eb8ac6903-FRA
expires
Tue, 14 Nov 2023 19:11:23 GMT
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 5B1A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 16:16:02 GMT
server
cloudflare
etag
W/"654bb442-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
825ed03eb8af6903-FRA
expires
Thu, 16 Nov 2023 11:11:23 GMT
petrichor-road.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/team-logos/petrichor-road.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
75365a0513ac76806fb8f59af9df5d3002c69a3341b0afc1c80f364541b35d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Last-Modified
Sat, 30 Jan 2021 15:39:56 GMT
Server
AmazonS3
x-amz-request-id
C7F9Q9FBTT82NMPC
ETag
"42fecae16a1e2713319cfefd00b12159"
Content-Type
image/png
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
12147
x-amz-id-2
uelKTHM0MMEN8sn078CRL8688lnssEj9Q3xv5nm/oaI2VECtBppistdyetzPK8MoogfIszLkq7tFOdIpOpn3Rw==
blast.png
twire-assets.s3.eu-west-1.amazonaws.com/fantasy/tournament/logo/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/fantasy/tournament/logo/blast.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2754748402fe794464bd2d2ace05db1bd2b86473bdb42dec5d4608ad4d076aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Tue, 27 Jun 2023 08:27:06 GMT
Server
AmazonS3
x-amz-request-id
JMZM7PS664G6DWFA
ETag
"29fbacdeccafa8fe5d535f9db4eb0904"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
13020
x-amz-id-2
BJ1C4CR8LSVes4r0pf3GbpMlSWCB2RVWD+mcWLMGeR1vdZiI0VpIh64Gz0pD2PpQ0OjCJiWhADZbL5FUtruxcg==
pgc-23.png
twire-assets.s3.eu-west-1.amazonaws.com/fantasy/tournament/logo/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/fantasy/tournament/logo/pgc-23.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2fb619c975da3a0261a54e5bf912cdc2f4007e4cb4cc04a0913d9869e3b92238

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 06 Nov 2023 11:14:59 GMT
Server
AmazonS3
x-amz-request-id
JMZT7P2ZNJ247BJN
ETag
"2dd809c98ec2f5d3c1485a05de14c366"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
17326
x-amz-id-2
9now7TLkRIZhl+EED2C6y9h60+NaRGAayRAqXETcPtHkVM544BjXMhp7BH5OXdSdrs2JZ/eORbK5eOoaIQr2JA==
good-game-ligaen.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/good-game-ligaen.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
02297ed4da6d17c6d89c903a6bbf2980353e77467405699e03baa56db4cc8650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 16 Oct 2023 10:02:26 GMT
Server
AmazonS3
x-amz-request-id
JMZVWBRS8FJJETBH
ETag
"d4082e9efa22d7db9b9608f4a8f79c88"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4017
x-amz-id-2
1/UfX0JiQ2gCxuDXwnG3jS0HWZ0GyAIx/c4RWYXc7JxWsiBzpL6AolY7S4L9jPD0FmIM08+6tOQfvoDcB5IWbA==
vikrvi.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/vikrvi.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cfcbd286ed4c1816bb42784287122cca187412452359bb56cda1e8120e02adcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 08 Mar 2023 17:16:47 GMT
Server
AmazonS3
x-amz-request-id
JMZNR3D0149HQNAR
ETag
"aad05e22ea96bff7ffcaaeae89ac5b3f"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
41964
x-amz-id-2
PON1xOtuYCGVf5bQ1AHdsiLAmFj9HmZGZpJst8eZKOBsnMTqR0JK1EZAG+j3c1vBU9Zakm9N4vMqIwao9mhFSQ==
ebones.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ebones.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6be601b04cf6cc03c16b4a1dce5d92f7e090c3711ad2c2714a21570fc4038b77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 14 Sep 2023 08:16:03 GMT
Server
AmazonS3
x-amz-request-id
JMZZJ50S6AJXEH69
ETag
"b670747e2672cffe410575e12597eb34"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
40617
x-amz-id-2
yJuK5hAqAu/LT3COXSj9NyuUMXYIxdmAz8V8td11lSbWpCz+nj4aVuLe2XU5sm4SMvyIR7NFk4X9UzZgZtZWzA==
balkan-pro-league.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/balkan-pro-league.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f5f6dd995b5c22a09551b4ba55537832240ca183b355e0333e03d584833e660d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 02 Nov 2023 09:15:14 GMT
Server
AmazonS3
x-amz-request-id
JMZMSVKE3B60H9ND
ETag
"a1d3ef2f8513dacc51bcfcd7e92f4cc1"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
29541
x-amz-id-2
Tz+4mRKgWNXxn1voSfe21NJ8r7CLV+bZKyi2dMbS6aFk4gxVpERzTS4mZnGV6eVmq7N366X1PZWujx/bZVqDYw==
pgc-23.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pgc-23.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2fb619c975da3a0261a54e5bf912cdc2f4007e4cb4cc04a0913d9869e3b92238

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 30 Oct 2023 11:00:35 GMT
Server
AmazonS3
x-amz-request-id
JMZJFES5PEAZHPBZ
ETag
"2dd809c98ec2f5d3c1485a05de14c366"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
17326
x-amz-id-2
t2maDm0l+wwqAQgtLEesMa+7Az2/JMTfd1XaCcX9IuzBloHW93SPE8GlI8QQFLwtehqASH7iHofyCvVoTmqsuA==
vietnam.png
twire.gg/images/featured/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire.gg/images/featured/vietnam.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02f91e80fd844289990926d8c44488dc5c8eb82aaa2bedde5a708422879022e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/en/pubg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
last-modified
Thu, 30 Mar 2023 09:30:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
266
etag
"236de3bb5f7020e1c660e38e2443a160"
x-cache
Hit from cloudfront
content-type
image/png
content-length
123832
x-amz-cf-id
EvoxBljCXmtNgmskYg5Qy_i8OKzlN5wOC-GY1ammGI1OkvZxYCuuBQ==
she-warrior.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/she-warrior.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
16749b52418a9e9c3668db94ed965b00df682d190713e5bdb5efcf8cb5f3e7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Sat, 11 Nov 2023 09:48:49 GMT
Server
AmazonS3
x-amz-request-id
JMZVVTKEADB7RN56
ETag
"aed4abd402ea2f9427c0e488cf7e4843"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
36568
x-amz-id-2
B8Qoy58m5JLycfQfweiBTGlh+DHEhS05DI/+n0Xo6l7+hFg2V7J0wJNRjirEVEa7+dMfYLR4LWpAGjAxaOsxqQ==
pms.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pms.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b207c848b4d580cf8a3ed4d74a3dad2a5a45b4fd618b94bf0be91f186d0795e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Fri, 04 Aug 2023 20:06:27 GMT
Server
AmazonS3
x-amz-request-id
JMZZ3PMHDCASPB1J
ETag
"8c3ec860062be19c85e14a2f3c4749af"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
18949
x-amz-id-2
TGKAfDdtxeZ7jlaE/tljWx2K8aEDnG7OcC7ZRWOfS5fQYLCgvVWYI5QFqpkOjul+2erH67Xon9G3Ukg9fAde+A==
goldbread-showleague-nov.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/goldbread-showleague-nov.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f45cbaccf65a542ede497e536ee4c8ca0219a6ad2b931b5bde3ff307507a7abb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 02 Nov 2023 09:52:11 GMT
Server
AmazonS3
x-amz-request-id
JMZRGDDGEH1VFDA9
ETag
"a586cd1f9e0b7fac0648690dfd4c8334"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
47239
x-amz-id-2
PLRu2s4bnriSje1DVGZW1XdJ1CCyoKolhaqaqODNhf69aaYoDwrMsPMB9tFQsNI2A4bmpdDYjONN4/0wHuy1kw==
baldurien.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/baldurien.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
acb0b2327a4ec8511fb8baa1934db113c6a16249d1b4405c37a19083bd3a3818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 08 Sep 2022 15:33:29 GMT
Server
AmazonS3
x-amz-request-id
JMZQDTFC2W5TDK3X
ETag
"41e4928f531ba4cdc6486831b6b37941"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
68349
x-amz-id-2
v9wG5YWSkiJxOZwp1Y/p3KF5BT1vistEqhqhXQoknkn/v/0436Z0vpP6iapG5S6UVfYDyEnmxhBCv1qX/ntG5g==
blocktrade.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/blocktrade.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
207841ec5c21872b4695d6941afa101c6f79dfb9b15d948b0f21be7f541db7b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 09 Nov 2023 09:33:51 GMT
Server
AmazonS3
x-amz-request-id
JMZZXF07YMGXW6HW
ETag
"b88158d7be214387ddc9ab80215d0e37"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
17554
x-amz-id-2
3yPVO7DgmjyRZ8ciPqIhPeWbJ0OSZmGn+96jfspFRCsJibKTGOgJxrVrLVv/wKZm10pN/0z9z2dpDYsVOJdv/w==
nae-tournament.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/nae-tournament.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c14771fa67fb1b56cffec66d648e3f70897fffb7fffb86915bd0cb32c191f6fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Tue, 15 Aug 2023 13:37:50 GMT
Server
AmazonS3
x-amz-request-id
JMZM4YW9Q3BBRY5X
ETag
"89050c43de3b308183bfd9973bb005d2"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
19396
x-amz-id-2
5+ozPp0S+Kv5RqRau0CI5P0fhfQqVgNxlcFxyWjX4uA649fzjzIQLDHBd1G4KBIVfasQodTvVyXNMSTv2anLsg==
cg-series.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/cg-series.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
44dec5526c39ca83d4e0a78f6f0eae745a88c0d28b871e12e08a60d099f69815

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Sat, 28 Oct 2023 18:47:32 GMT
Server
AmazonS3
x-amz-request-id
JMZZJXAWXB54ZEGH
ETag
"75190ef18f39e280b6fd34bf3424d71f"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
8095
x-amz-id-2
alm/Th6mN5pqysbNrstRk2t20eYdjN9TecYNcN5UKGZx8LH/+IvXtHYn7kfoZHAWQV3rtvxG9/nmEOhkd9PWYw==
ottocup-league.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ottocup-league.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d2c73e2c1c22137543a803622f22245a9a763b1134ee2d4ba084720ac44b28d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 02 Nov 2023 13:48:15 GMT
Server
AmazonS3
x-amz-request-id
JMZQSTSSEG3873D2
ETag
"28672d75275b6242a07264a25d0a2cce"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
32252
x-amz-id-2
Vk0K020s6bFsUhyUMNdYILm/ue2CwhI0ziDS/geDk+sYtyDdd7cPl9HzDbcyp88NesBF9K2ND/Dcgo1xmKjD/A==
copa-rk-squad.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/copa-rk-squad.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
76cd8e6d409510c24e338edaf835562468aa04992512d126d5c7f9709c16b5fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Tue, 31 Oct 2023 10:22:16 GMT
Server
AmazonS3
x-amz-request-id
JMZW3JXVSQ9K92EK
ETag
"a07473b8872ca29e6e2dcbc15af6a1c5"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
27322
x-amz-id-2
ZW0V0SWrLX7GDfB3iTcW58tw17V1IykXTw77JefqU/JiDf+TWOsAfWqhde229805DnOniSRf1gVHTyYSbMII3w==
hardshift.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/hardshift.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f9d5abb40e72708dec5691e0588cb2cd205e080b3fe490bc2432b068309d0bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 09 Aug 2023 21:01:36 GMT
Server
AmazonS3
x-amz-request-id
JMZXNN51050DT0Z7
ETag
"e4eb364ce0e77415ff13b5f5a998b15e"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
25298
x-amz-id-2
kO84KvUFRsA50NffUjb8I4gDuv3VinsZvNnUyrExaX/QVkl/9QMePKkNZTO9tIP7ezQQniwZK9tJHxIDR4B0Ig==
tec-gauntlet.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/tec-gauntlet.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
425dd458f45b5fffb1c1b58a3afd6e0ab79b0b695ff5c946adeaf481a0893382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Sat, 14 Oct 2023 11:35:45 GMT
Server
AmazonS3
x-amz-request-id
JMZZG900NE3M65D6
ETag
"1fcccdc0f3d6186c8536e20486ea7ec0"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
169656
x-amz-id-2
6Y8Gx3YiLzQ6gd99k/fsSbu9oM0aENdkywfiyolx3WNG7e34GWqP8YkbiINhHEbpXOodJI7p6P7XrZsycif8MQ==
29ekim.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/29ekim.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2f4f59c555ab2256240c7a3d1e9ed1cce7ed40cdcdd7800a68722c23844d63a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 26 Oct 2023 08:45:50 GMT
Server
AmazonS3
x-amz-request-id
JMZQ7HJJQK1TGNMK
ETag
"de5533e05e091e742f65ce4a9464e695"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
22861
x-amz-id-2
MPO+QYWG0sGjvGdjRZNPovvz7lHN9Bv/Z5qCFZ6snKFgpON/MDLmRMfgDpQfOEjTOdeM+4CTq9WiosYc8PGVlA==
qiyou.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/qiyou.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f2feeb7a717ed3d7e85aedc3cd2ea106d672bc7bd80a7df415c44abd2ea50802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 19 Oct 2023 18:39:08 GMT
Server
AmazonS3
x-amz-request-id
JMZWJ3VBW7BDM0EQ
ETag
"04643c76a5880d2fe36012f6a0f2833a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
32250
x-amz-id-2
7ZfWUHqCI2fDVMGxqOZRb/pj+fvn/3TFW2UrwT6axWTNSnV77xIqYI8Ge67krOp1ODrsOlj7ZO0l3Ukhhs+ybw==
274e3e86-6ccd-11ee-8694-064f26ad4164.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/274e3e86-6ccd-11ee-8694-064f26ad4164.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
pml-23.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pml-23.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
041b60ad0c80f7a56235df90fb93864fdaeb95bc69f3dc1729d0a2e80d725593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Tue, 28 Feb 2023 16:42:20 GMT
Server
AmazonS3
x-amz-request-id
JMZPR88WQHV9T7H6
ETag
"d4438fdd411382bf7391e415ea00212b"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
15036
x-amz-id-2
PoOPC0PCeTVThbK95sWUW/GG0T08wkPSYfBesAHc2Z1Z32e2+drGjgKp0FrftxKpXSiZBrP1Zbvu95D7dU6D9w==
pts-21.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pts-21.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
71260d42a9f8108fe9f82b882a7145359eeaf44d0fa3c6121c4dfb1bfeb92ee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Fri, 16 Apr 2021 08:32:46 GMT
Server
AmazonS3
x-amz-request-id
JMZTGATV148JR3FM
ETag
"ae88a6258bc2411be1937839e5c93e70"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3425
x-amz-id-2
XzRKRGs0cVRptNTJ3VrVKaMrW/oTduhR6FDT8CBVzhvDD6N3KWI+EMiy4Tz0AMY5xecLpcfWwMu9PVbG+hvGIA==
pvs-23.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pvs-23.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0c4ab72c4808a9df33e1706dc9a971c2d7764923992277655a2ab3ca2c2acef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 25 Sep 2023 13:19:35 GMT
Server
AmazonS3
x-amz-request-id
JMZX6GZSGTRGEJDX
ETag
"23176e7ffa8670e10b4b6649f5f2083c"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
11952
x-amz-id-2
dJUjFsypKaZBRRXC9X3jZN9IHNvgGRAuBsj7TQDxc9kdY0Y6ZE2H5MRP7TPkU2Hpsyt+h4CzScuJ7Onm0Wd7gQ==
as-pcls20.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/as-pcls20.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
16b636bb797e94f82866b806be745b3a868862bd593affc90c16b79faf907b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Fri, 23 Jul 2021 06:26:48 GMT
Server
AmazonS3
x-amz-request-id
JMZGMGF6NXGGG3V8
ETag
"9ae2c7b5f34c84fa1c5c992caff5261e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
19314
x-amz-id-2
piGi5hHQJznOSm8PV+BIU96p6UFkWEoYWeZfr8nlpgQQ/xxYsUQT/9sFABNtW/OxGmIFJu0EtUeDIMdS17/6EQ==
tgltn-rivals.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/tgltn-rivals.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e34667136f6cb7821e9e082dccbd0d64b6e16dba47ce1fccbcad99675f405285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Fri, 27 Oct 2023 22:44:13 GMT
Server
AmazonS3
x-amz-request-id
JMZSDREXXB1G78BM
ETag
"05a41f7aecac523bb887290e23be4049"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
107002
x-amz-id-2
ublz5xE1lmYyClMx269lQUDUYexczZomVA1z2lfnIQ2Zqx4x5q96hHf+WhWcFTaT1g/EMAfauQSp469X0WWprQ==
pws-ea.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pws-ea.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
78dd37d36207e7dcd5b22df5f4c153c20ec1c4665c48ba018f6831cea19f941b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 14 Apr 2021 08:50:42 GMT
Server
AmazonS3
x-amz-request-id
JMZP75BDT3012QNZ
ETag
"6780021c0f0847f1ce78085e2a271c82"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2393
x-amz-id-2
Cx+pI4osrdqOD42w+FeTe9ubMiGq0EKeZCg9EAChOCPKRiVBr71LobjCmfw5HiJyTZE3RqypEhgKWqgJWG8vvw==
50c74f4a-73cc-11ee-b335-4a0903289e86.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/50c74f4a-73cc-11ee-b335-4a0903289e86.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
ptc23p2.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ptc23p2.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
10befde33d62a97dbd5a84ce9b644691a3e540ccbc54d9f2413ac02821ca0280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Sat, 30 Sep 2023 10:23:45 GMT
Server
AmazonS3
x-amz-request-id
JMZJQ8GCC2JTYEMA
ETag
"79ced4d9f2ff467289377bd6b076e64a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
17503
x-amz-id-2
jUDWyCpSHeKyR3ysqKsxzOLRLXoR/kHrnHL3lV5JnU6OPkudRb7AAHG2jT5KdJNubwb0q6/cPGxOPnATpbShxQ==
2abd2a8a-613a-11ee-8f18-064f26ad4164.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/2abd2a8a-613a-11ee-8f18-064f26ad4164.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
baltic-battle-royale.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/baltic-battle-royale.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f04615fb629cd0769b557dee25962c2811531e256aaebc6f8b0a24c79dc24dc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Fri, 13 Oct 2023 10:31:49 GMT
Server
AmazonS3
x-amz-request-id
JMZQCC9BCXK4VYZF
ETag
"cdaaf60ecda0da88fdd259f485d31244"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
104581
x-amz-id-2
RK8GyQY0ddOpAstOTcSVSjiNDxHcmKwWkdd6KPL5AIFFQMveCVtueKQ81tTZ8lcO5yD7qBUE9AQ71JeyjxMwGg==
gde-c-05.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/gde-c-05.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
479e2cba557cca405ff250e97cbb9ce14f417d70f391ffa95dd5de7b8bce3c0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Sat, 30 Jan 2021 15:39:40 GMT
Server
AmazonS3
x-amz-request-id
JMZKQHFRT0S7QNAV
ETag
"81a149233f2a7856c4d240dcf9a07911"
Content-Type
image/png
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
11999
x-amz-id-2
fF8mE0dPSq9OznVnn6USdkgYngeCnhntmmg2TxX1PAqeaNF/MFEJhLstpo/laYEQZanZGWf+7HoNvZX1tWhZtg==
pcr-23.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pcr-23.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
60a39d3cead4ccd9ae8380178da5f85e4d81967d9347a606ba310d452fcf6756

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 02 Mar 2023 16:11:49 GMT
Server
AmazonS3
x-amz-request-id
JMZY29CHFQ08S7C6
ETag
"e3c8f1c6bf3ce0c156387839819db622"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
16439
x-amz-id-2
mvxXe1WtYD2EUCUPa3HejZUMJ5IrkTzK0aTCwUfc6uMdAlsvvMhTP+2MM8HJK6F0JvXYXOUecengBwxiqRtF1Q==
pec-23.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pec-23.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
79edbeec24fcf4e7a7f4986fec681b558c0d55aed123c49cb2d998b7f85b88a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Fri, 17 Feb 2023 15:25:43 GMT
Server
AmazonS3
x-amz-request-id
JMZTKN3DZC2CFNJS
ETag
"864ab27eca37ce58b4dec3aba28d52bd"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5801
x-amz-id-2
FieORYWRpwaOBupKIBtNz0xT0bqV1iyc+us2nAICHPrFMQ710oKKWza4SXHDO+7ePM+mRkM7qCH1fjLFYMxdng==
pas-23.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pas-23.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
def610dcfcfb2f364d5b90c32bf285b70f0291c04fd106b1a1ef330cc732e175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Tue, 14 Feb 2023 14:57:13 GMT
Server
AmazonS3
x-amz-request-id
JMZTT8Z9N6A7YKAN
ETag
"b6f1e8dca77a1b72c839a113c8f0bcd5"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3244
x-amz-id-2
oFBIYvf1qW/DeXIJ6e8AZWXMILohIBnZewegzugX/ThvUzWZUNPqrpxNjr3Zm9jYDbv9B1uQrt1OtOPXCH4lmQ==
pmi-am-23.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/pmi-am-23.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
16d9891f437f2291f41ff75685d11e9bc4ccfa24a4d97b8ff951b92104fd1473

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 22 Mar 2023 21:47:16 GMT
Server
AmazonS3
x-amz-request-id
JMZSR17JSM0FS61M
ETag
"0a4c1f0f59def0c0ebe37d5e7164eda2"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
9914
x-amz-id-2
QryT/bhvQNTIxJh1SVWHjyPcyVmIYWSLZA03unO8QYb3/KxRI/xYla8hWMQKesKyVNGLBeH+z56cysltsdRKDQ==
lidoma.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/lidoma.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a6b8586c578efc1d4979e6ceb4a26ef835919fbe508cadd853d9e7c37bf6fcbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 19 Jul 2023 15:34:23 GMT
Server
AmazonS3
x-amz-request-id
JMZQCPKQMQSF3VY1
ETag
"e9b04acd11f4d462a5a02157f47c3e18"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
13778
x-amz-id-2
z6x+CG4Prif5hd7sYhLVPQlk5twAYHh2AM4+SXQvqzkPLaawyVCW4CzuV0HHl3T2j0GGlEinwLD0RXHsT38aoQ==
clever.de.js
lp.cleverwebserver.com/bet365/js/ Frame 5B1A 		366 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/bet365/js/clever.de.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
272e061f483042f2a5bff48c3ff824eff809aacfd7385a54645a2a2385ebcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/sports_de/cube.html?affiliate=365_02157900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
T16TCZCQKTFYEH6G
age
2656
cf-polished
origSize=450
x-amz-id-2
CBzu6mt0wRQRiR7PtJoB9ThvzH2dH1YeM9I4NE/6q4xufjw63W+4+FZqPzjaq5Ff8YDuWsOqEXQ=
cf-bgj
minify
last-modified
Tue, 14 Nov 2023 10:26:46 GMT
server
cloudflare
etag
W/"9fe47afc46874aa4ab2ebf7bcc95df67"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=28800
cf-ray
825ed0410ad76903-FRA
expires
Tue, 14 Nov 2023 19:11:24 GMT
pgc-23.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/pgc-23.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e033a347af868f597c7e12a12a5f4d1d543af72c3fa8a1d2ea95e893b672ff3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 06 Nov 2023 10:19:22 GMT
Server
AmazonS3
x-amz-request-id
JMZTKB8T4ZBF1WZ2
ETag
"ed9e37fe33e1843fbf3e5a2ffc0bb6b5"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
91238
x-amz-id-2
9w4bkEomEy1EkYUjVQ8BGHVzzzZ0tDuVNo0kb7rd1IE6bc0RZkzlIHHkHb5JTPJhJPYzXumNJOPyhxLmDWanqA==
pgs1-announced.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/pgs1-announced.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a2e103dad18e6ba8d566f4edf15716a4a22cb1854182b9f13e768011e245741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 30 Mar 2023 15:17:31 GMT
Server
AmazonS3
x-amz-request-id
JMZV31MH8X5HDBW0
ETag
"9b199319032bc5303e19d6b2699b6d0b"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
55514
x-amz-id-2
vWm9NGLCmAQ9YCQXGzAW0uBJlnd5zlf4FDEiaHsuyS/hUoDK2tm2MljfT/T9xraa6m2gkqbPEOIGtKr8tj8Ybg==
twire-fantasy-returns-2023.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/twire-fantasy-returns-2023.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
26327e926acdf349a64147af84c8c838040ed993b55384c616a0983077ec1214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Tue, 21 Feb 2023 13:32:42 GMT
Server
AmazonS3
x-amz-request-id
JMZKYBC3V439VQ3J
ETag
"2ad1c45363ac7fc0fea03a2e93907fb9"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
67017
x-amz-id-2
KiYLn7xbTxBH0Dy/GP1GF5/SwCn+KcfecRDcj4gfxqxmtQI0rK4/BzeeoOsORMKTnTkObDDlgNFrudplFKH1zw==
jeemz-joins-faze.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		323 KB
324 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/jeemz-joins-faze.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b6e1638fed49905e67e6ce5b1974956e4d1c6a24ffe1b37fc7adb070e46ee0e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 20 Feb 2023 18:49:43 GMT
Server
AmazonS3
x-amz-request-id
JMZJ5DGV7VZB1XX7
ETag
"f16bfe2fc69087325fa545ccf2a2562c"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
331027
x-amz-id-2
SOABmh9gAdfqW7KtsoNnyS65nbcVqXGiPqPHFZtqSR4CeqUFYoiV2V+7zOPkucsq1DChZbOL6Rzl5yVOoYubhQ==
mercurial-announces-newteam.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/mercurial-announces-newteam.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1092b288c44dc34db6071ed4d4c8f9ff74939a3427bcb28a48c0d5dcc19bf592

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 20 Feb 2023 01:43:10 GMT
Server
AmazonS3
x-amz-request-id
JMZVJZBCE9BMQB2V
ETag
"194e053a82b2cafd5294fced3f9a1562"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
238992
x-amz-id-2
qApxTyDcKSnJPK8dfp8jNCelLPjoKHEe19ZMZ2dmfn/uS+kKc1lw4etR8RT0dRMcNHFjNpskNwEyiKIFsx1PWg==
v1n1-haven-hazeten.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		157 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/v1n1-haven-hazeten.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
118c82ed7185b92b9e5958d9822baeb6e92ee43ff5e32b3d5d9f75865d847988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 20 Feb 2023 01:26:37 GMT
Server
AmazonS3
x-amz-request-id
JMZQ9CMZ7S7RC1MG
ETag
"0d668898815432219874e392fa636d24"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
161042
x-amz-id-2
GvQFojF3XTaBzv3NWfM2AdnZ8ljTyKnTJuTnLf4fSumDn0V5Tb6YmZIZ99dRYNNHY12021zCBR78QAZPel6LsQ==
young-kings-disband.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		575 KB
576 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/young-kings-disband.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1aef6b6a9e20ca92d7671e944fe5166e35012af52f003b02d75176279d7da8e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 20 Feb 2023 01:11:37 GMT
Server
AmazonS3
x-amz-request-id
JMZWE9TEPN6DVD0J
ETag
"adf1d93516052bf5b4bc2ff3351e718b"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
589086
x-amz-id-2
68X9DtZtB0hgSEeIIuP+/0B4BoIl/aPwcauM+UXdp9t9ZMmDyxbeNsqPGdfrbyOMv385WTIQZDFMBnev+tX5UQ==
pec-announced.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		795 KB
796 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/pec-announced.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c42107e2006748e9fbc0364aabe021e6cc1116c6f3c560d961540c867ba8f8bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Thu, 16 Feb 2023 23:44:59 GMT
Server
AmazonS3
x-amz-request-id
JMZNXZ3WG40FSTE8
ETag
"328b15815764d093b637012f86e40031"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
814251
x-amz-id-2
dyElGGfII6P25ze/3tDvNlXnlLE+ADyJhWOyKY2mYOATwDmzu5d4d6odWh3g+VW/7JDgb2eovE7H4Y7n8DB3SA==
sparking-leaves-yaho-and-joins-br-squad.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		363 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/sparking-leaves-yaho-and-joins-br-squad.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fb3729d41df720c76e0a8948d6573e0a4b0ce5d5b543ef051d71ddcb64719fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 15 Feb 2023 21:13:04 GMT
Server
AmazonS3
x-amz-request-id
JMZH4NW9ZW9BYDJ8
ETag
"f21e6aef63e28e576dd045afeeb10430"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
371714
x-amz-id-2
o4/Su//pB8wiovg3lNAxSVnEbGZ9nNs9sLBxuoT3GIYAo3swrzP+23xQUMuY4KPk5O733h7+3iS1TIgMyrVtKQ==
bliss-resigns-pubg-team.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		589 KB
589 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/bliss-resigns-pubg-team.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fc72d3ac6f312cdcb2b1381fb536e0f1be84650b6b681b9cc35a80c7b3ae0adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 15 Feb 2023 21:13:04 GMT
Server
AmazonS3
x-amz-request-id
JMZZNGVK7ZM6HB5V
ETag
"6943911c94dd49a2198cd7e7e0b9a877"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
603175
x-amz-id-2
yTPMWe+8MalS2x8X6dYlzcsKUBCeCTwb/ahgl1z97Zo7dqdsutg7WvwRgpMXY6KUlf5QwRFBQbrfXyavyzskhA==
lpl-season1-2023-annonced.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/lpl-season1-2023-annonced.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
613701d292a2b02cebedba592060bc9e955d1d816be4790cfa6a1f76f33907c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 15 Feb 2023 21:13:05 GMT
Server
AmazonS3
x-amz-request-id
JMZZERM5X5DFRD0P
ETag
"ada02d64434b3a0bc6adf1d9d0b114a5"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1254372
x-amz-id-2
t938KKbdKLgK1ECQDGobH8isT0s2L3lNxgVed/rZa47HFJC9+UweBtuM9J6iwHDHjbSLe1PpW14SL/J4dakaXQ==
pubg-esports-changes-and-slots-revealed.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		421 KB
422 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/pubg-esports-changes-and-slots-revealed.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
121ce1fd6ee2cb454702b3995302faa16193f3eaa51ece7c7470371b6718a7f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 15 Feb 2023 21:13:05 GMT
Server
AmazonS3
x-amz-request-id
JMZJG7652KRC9EMC
ETag
"15b4825bedb3fa7366a3db6bffd5631a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
431508
x-amz-id-2
iX7YFpRYv8HieRe8fCZkcCwzE+hfHVRXsHXvhlh8oCUxSCRbVtBOGkbEKdC8sO9CgcM970FD6cqLhOl/UhazOA==
pio-returns-to-geng.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		826 KB
827 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/pio-returns-to-geng.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2485481e696576d8e87583e6068147bdf7cd377e67397d194bd0358b4a6f1dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Wed, 15 Feb 2023 02:24:54 GMT
Server
AmazonS3
x-amz-request-id
JMZWSZDF8A4P1JTN
ETag
"00c88dbdf0dc177aad3b999735549f9a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
846163
x-amz-id-2
RpGxmo+7JLorlOJMKojx3UXg4dP+gPMDdiw+o32uiQXYidgn7wMMjXSb4vOL0DgLHR3m9zrMDwg7TmhZTkZ8/w==
hakai-joins-newgen.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		597 KB
597 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/hakai-joins-newgen.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5fd572411a9aee979e2dff8cd706c93e67a68261c8ad07c8dc0759b65f93b30e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Mon, 13 Feb 2023 02:37:38 GMT
Server
AmazonS3
x-amz-request-id
JMZKXVTVKBXMFNH3
ETag
"3d711b47b30f72567b4877aff841d9d2"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
611325
x-amz-id-2
jMbVcYoQU5mJCckCqwONfwAMpvopyxnW/smz6E2ZRv/YmXmVhGr7VplyIsVQnmH9BwLrbBEW450T2BDfOLvQlw==
new-czech-thunbder-team.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/ 		413 KB
413 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/content/1-roster-changes/new-czech-thunbder-team.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7246f2abef9b0f8238a89c5a1e68209e17b51937f4fd210fee91eea3c6fbe7ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Fri, 10 Feb 2023 01:49:40 GMT
Server
AmazonS3
x-amz-request-id
JMZTWGFT5QNAQPCZ
ETag
"8ef1b8325fb3762e243531d6956352dc"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
422752
x-amz-id-2
C2Mg9L2FK/quUOPe7l9xlizXgmqpZ1Fp9GUq7lQcH/EFsCSqdWkqh+l++H7YMjji/t/u/D5J9JaKwpvnrJsAkg==
default.png
twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/default.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.64.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4747776ed92a8aa0c6b7c680d10c3a1d393a0487ace798e047d2a1488b3a209b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Last-Modified
Sun, 08 May 2022 06:50:23 GMT
Server
AmazonS3
x-amz-request-id
JMZQVQAPZXEH00X1
ETag
"73e579a6d563f71bb9717f189e87cfaf"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
12782
x-amz-id-2
dXME/IyLFeXdQRRgV5Ek7B/xCKuB5UDhjIL4dkgdc4qD0LBYhGiQlWUx+HCBYIuH634DUaMDr2jaIsdpPtfKNg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 10:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
2079
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 13 Nov 2024 10:36:45 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:06:45 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
7480
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
yixaKEQG_x4DKWeH7U4reWBSZZ4UsE-7YrWIkcLGES5yIEcgVguCvw==
5dff1804-8b85-4514-bcc6-4b8fb563a913
config.aps.amazon-adsystem.com/configs/ 		537 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5dff1804-8b85-4514-bcc6-4b8fb563a913
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
87c0dc80f4f650aea2f16ba7b3b8aca13b94f4f876d91bcf70de2141643364db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 10:35:32 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2152
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
W2bVBBjshmkoBAybAG2mw3LaDDKtrn05AJMksyw6Ebfn2tkGo8gMuQ==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftwire.gg&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e286c2fb9da74360de127c0143bfa018f6b110b18e699151656752dc7acb95c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:46:52 GMT
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
19471
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://twire.gg
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1594
x-amz-cf-id
ZSzEkQ81_5Hg8IasRTlMWb8SyGGJagtN_G05A0jjPpxLCiOTBtpu-Q==
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a800:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Tue, 14 Nov 2023 02:18:43 GMT
via
1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
32375
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
T_DtBDFfv_Q5fc5LIfpVnH6uLqhIWC1bqB6ftxHu5UZFEdnvlcCjag==
js
www.googletagmanager.com/gtag/ 		280 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P0G2P3FQKZ
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/twire.adn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef8f85ca64ad49a9f3c182fbf277c4d3b8bba59c41f3e44e3a00107db922744d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94622
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:24 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P0G2P3FQKZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDKRHQ2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b30d7aedc7504c3afb76d8a0911a72b9f7a9a77513b5524f12ecb35cf1afe596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93565
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:24 GMT
DefaultAff.aspx
members.bet365.de/Members/Helpers/ Frame 931D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_02157900
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-RAY
825ed0420bfa1c9d-FRA
Cache-Control
max-age=15
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 11:11:24 GMT
Expires
Tue, 14 Nov 2023 11:11:39 GMT
Referrer-Policy
same-origin
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 14 Nov 2023 11:26:24 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&ref=&_it=amazon&partner_id=479
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
1662
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
825ed04209af4d5b-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		146 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a726b720a08323e442331a9a1ab4a9028a708852d293c09925e2ed6b5fca56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:47:12 GMT
server
cloudflare
x-amz-request-id
QP4FA5R8WK8ZNQAK
age
2060
etag
W/"6fff3300e0f1877d9a9539bf74fe5483"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
825ed0420bf339f1-FRA
x-amz-id-2
LLGy2ukJ2XDRClnM1z0wydEu9UAtHnYxgayINnan6lgewqo8V1GLrTL9KSfbRLEErPY4vpHko+Er8oQVwgrFIg==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.16.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-16-30.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 14 Nov 2023 11:11:24 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.16.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-16-30.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twire.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 14 Nov 2023 11:11:24 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&pid=MkdeWYV68tsvs&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F339474670%2C22606297850%2FTwire%2FATF_0%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x100%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F339474670%2C22606297850%2FTwire%2FATF%22%7D%5D&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
F1VRZXAJM73484XFEKMT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ew1NDekvV2WAaGNDO2GMqM1oxkrlxbNX6FTkAUMnvdHZnHwcdGPhiw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&pid=MkdeWYV68tsvs&cb=1&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F339474670%2C22606297850%2FTwire%2FInContent_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F339474670%2C22606297850%2FTwire%2FInContent%22%7D%5D&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
7FWWM0JM54E6CBSVM709
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
n_ELqcinERY8ab1pNPnPHhwelR9348n6RdwDh_GsxDkUQOYeJxP6zw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&pid=MkdeWYV68tsvs&cb=2&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F339474670%2C22606297850%2FTwire%2FInContent_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F339474670%2C22606297850%2FTwire%2FInContent%22%7D%5D&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
ES67DHYPW42BVCBG61AX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
G7dVDXZIAKYB4v8TG67ISE8mpiLprt4osKuEGavRjUybQC4c8b-1ew==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&pid=MkdeWYV68tsvs&cb=3&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F339474670%2C22606297850%2FTwire%2FInContent_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F339474670%2C22606297850%2FTwire%2FInContent%22%7D%5D&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
2Y179159H6J9AXKV8FG3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
vTM2ckjghK9_J1olyeUR65EKaMZdtH0KCXzH9Sq3SOl4JL-ME760Mw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&pid=MkdeWYV68tsvs&cb=4&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F339474670%2C22606297850%2FTwire%2FInContent_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F339474670%2C22606297850%2FTwire%2FInContent%22%7D%5D&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
7FZVGWMHE7SS5XNHVVZ4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
-mCFdKilT0rCZgkjrCp8dIdW5e5ecmyvPFjVwcBz9TfIfKTZuOBEfA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&pid=MkdeWYV68tsvs&cb=5&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F339474670%2C22606297850%2FTwire%2FSticky_Footer_0%22%2C%22s%22%3A%5B%22320x50%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F339474670%2C22606297850%2FTwire%2FSticky_Footer%22%7D%5D&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
B9Q8A9JD4767067FGHJT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
M_JnUQZa1tml2MhPrCOiXJPzvrxW3zy27fE7Mkixe5sPRfG1ijOReA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&pid=MkdeWYV68tsvs&cb=6&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_unit_%2F339474670%2C22606297850%2FTwire%2FTwire_Interstitial_0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F339474670%2C22606297850%2FTwire%2FTwire_Interstitial%22%7D%5D&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
2T36K5CFN3QPW7143K9G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Aaz3WELC6Ng0cLBdvh1p4bmLhnXH-dHg3Cl8ztf6ps8ItfI3D0PhoA==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17482
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gV8VaEAGgN7b83K%2FMcXAyj5lNPAD4WiWjH2sos6YGFJCypnmgL01UDZLBw1Gkr8pyJnEQfBYcUYpHjbI%2Bt6EwQxjTy0E5%2FxuhRqWDVpUbn9VFnHt5wc5xxeMbVT3Ss233HZGo5qUqTGi3JUSKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
825ed042ebe130f9-FRA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 16:25:56 GMT
content-encoding
gzip
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
67529
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
oCZXMpaC0d2Z5_Djff9TkN4iPvdmz96V-Zuy2BhGOdYgY2QiDP_YZQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
1b389e1ef3318f84ec2e778c76f85356
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
282522
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
825ed0431d474dbb-FRA
expires
Fri, 17 Nov 2023 11:11:24 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Nov 2023 11:11:24 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:38:57 GMT
content-encoding
gzip
age
189147
x-guploader-uploadid
ABPtcPqNl0_c7mOVHVehFbpvBDCYrlpMq3zlKY0iT8ZNCSTUmKqOFKvvyge5cYXvjpEp3qctN1IhbOKtoVDeGx23F8-Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 11 Nov 2024 06:38:57 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		147 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:47:12 GMT
server
cloudflare
x-amz-request-id
T0X0E3CHZTTH9369
age
3590
etag
W/"c129d5681852fdb4346e144820aba0c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
825ed0429c9a39f1-FRA
x-amz-id-2
q5p5l0hA06hwHSRPXmorz7KPnU+8X+EQk9BZMNRo+BGdrnZ7/EtPZZerWfVIjM5GgEKkMAwwRXQ=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6000:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 14 Nov 2023 06:17:34 GMT
Via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
17631
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
YzpuXWZG4S6pjLoU0uOTEueIJ8XeLcV6fH-YewOK3KZ234rBc-C4Jw==
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		708 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageReferrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
55f6cfee5602fbf95013f492ef828b4563276573fbe92452a43cba45d5e60c56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
via
kong/2.8.4
x-content-type-options
nosniff
content-encoding
gzip
x-kong-proxy-latency
0
x-kong-upstream-latency
516
pragma
no-cache
access-control-max-age
3600
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://twire.gg
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b61facd86cbcd4fa6cf680d91d3709e5bb28af1af595e465ba35c46eba647ee0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
img.fetch
udmserve.net/udm/ 		0
0
hb
ssc.33across.com/api/v1/ 		66 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
62906328092ea4fa14e7d22b1e448868de3bd3832868b7436e7d0e821e30ccb9

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0-pre&cb=73991722944&lsavail=0
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:23 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=940671
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ece948d62a4eda0956596f1b363e8ed2de06d1c66c92ad021423d2ae51e06ba

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zjQyM8t3FVrM%2Bex2QtQ2fu2DjeKIMCt9D%2FFZS07MKsA8BMH%2FPYNYcuPOo%2BLpANpp%2FxNQP8hsQrBAHGX4wXJi7d6CGHQsbx9DFKUJHc6GWMQI5oRulfEYsQH6mXb%2BgdeWaEafHtH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
825ed043bef303a0-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 14 Nov 2023 11:11:24 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAID4GW
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
3c24fcc82d47cfdd47b6d5051a9fca1e8b8416f1570b85974a4fc42e8fb4401d

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:24 GMT
bid
ap.lijit.com/rtb/ 		24 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.6.0-pre
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
cfa58e7051d4ff0467a2324fd3bb9d98ab55fdc6c00e6a9bf7bfdd63290ab12c

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://twire.gg
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
auction
tlx.3lift.com/header/ 		19 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0-pre&referrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tmax=1300
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.231.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-231-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
accept-ch
sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e1a8d02505b47fd6a3a0b11f188baf8cbcb165fa39ab7cd0426dd1ea3f15588
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
an-x-request-uuid
0f235eca-3dbf-4601-9d7b-e57b52e54ead
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		381 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FSticky_Footer&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=27f3c35d605e32b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F339474670%2C22606297850%2FTwire%2FSticky_Footer&slots=1&rand=0.8983692338916722
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e4aa98fac565d97669f3e22a887044aa3288775263144509865653fbe6233d2b

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
381
expires
Wed, 17 Sep 1975 21:32:10 GMT
img.fetch
udmserve.net/udm/ 		0
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAID4GW
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
d2c75f775f72347fa69ca6d9f8c8594e44c9092277f095913d00916a80cd3a2b

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:23 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:24 GMT
bid
ap.lijit.com/rtb/ 		24 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.6.0-pre
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
cbd669a7e65b9316db3b68584e8908ede860be590c9e9ae52042415173d7a869

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://twire.gg
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cdb
bidder.criteo.com/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0-pre&cb=42782881219&lsavail=0
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=940671
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925faafb3587f612ecc0b56301e323e5f023c2d1d484ccd3a9ddc5a9724af342

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcIUhoBZGhinixkRCXb1c%2BBuiVaClcabx1IOxNROIV2Xym9KXICttjC21QRWYow3FxJEn%2FbRIvatucLEZpSG4yv07Gk53s2XEJSQOJegNHRS27Rd5vXDVgNAT%2FaMEMcua%2BVy%2FEHG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
825ed043bef603a0-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		371 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FATF&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=40c59d21e180e96&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F339474670%2C22606297850%2FTwire%2FATF&slots=1&rand=0.3335618761593835
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
37a31522c9e0f219853289e55fbdf8ff8b37e2ad72a6a3f7044e8aa0a03795e1

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
371
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		714 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageReferrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
baa21fe77fd113e4b10fac2adf4fbcce0dbc0b5a9c5d9ecb135afb85fc1a162f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
via
kong/2.8.4
x-content-type-options
nosniff
content-encoding
gzip
x-kong-proxy-latency
0
x-kong-upstream-latency
267
pragma
no-cache
access-control-max-age
3600
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://twire.gg
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a7cdae9a6c33e2f3aa1cdebb00a758f5d374fa5fefa5ca5417f77e00243b98f8

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
auction
tlx.3lift.com/header/ 		19 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0-pre&referrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tmax=1300
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.231.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-231-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
accept-ch
sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
54234ee178ff4e627c78c241034f0a3f5eb4ec4ae37b40b8b1209090985257a6

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		139 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fd354a1fc5f64b1c93f0e04e91f0d66ffbfe3e0fd9f7fb537a5a72830049bc9b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
an-x-request-uuid
24694e8f-1979-4aa2-963c-2dfac2d711b2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 14 Nov 2023 11:11:23 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
07f03e8521ea0d72b92d873e2485531de3ac8e695118567c6acedda121e54d81

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
auction
tlx.3lift.com/header/ 		19 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0-pre&referrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tmax=1300
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.231.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-231-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAID4GW
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e42d23adeab3ab7c6780676cee144e7d6f480dd35afa9831378350fea8a59de7

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:24 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 14 Nov 2023 11:11:24 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e61c4e6329cd556c29d06b734619e457a543cfe363501bb52f0c55c10eb5a0c5

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e61c4e6329cd556c29d06b734619e457a543cfe363501bb52f0c55c10eb5a0c5

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e61c4e6329cd556c29d06b734619e457a543cfe363501bb52f0c55c10eb5a0c5

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e61c4e6329cd556c29d06b734619e457a543cfe363501bb52f0c55c10eb5a0c5

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0-pre&cb=24798990382&lsavail=0
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4f7fb3df41709ac9f09cf7d6aa14502f215374d936f1048ecd7b5c66ea9dbbd9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
an-x-request-uuid
69c19dec-ca98-4f4e-b476-42b1993517cf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
472
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
img.fetch
udmserve.net/udm/ 		0
0
bid
ap.lijit.com/rtb/ 		25 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.6.0-pre
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
ac13bccbe12484a3dd0e5ee56b867858796f218043c8532d34d9e547750a5f8b

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Nov 2023 11:11:24 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://twire.gg
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 KB
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageReferrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2d97f60c7471f1b7cf1e6a945d1d380dc12fb30bfb7bc7fa0986d415300483f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.4
x-kong-proxy-latency
0
x-kong-upstream-latency
260
content-length
591
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=1207623ab5b763e5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.43324334655027297
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
029a7bcb251af1d4513838175b2196ab925b083ab4ecda64a4af7fd8d9643d0c

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=1217becc56f6a2ed&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8186311073367012
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c8b8b8f0e47dea298e1b1006c1aaa1fed755aaa5519925182494cb3776405490

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=122b52f0b71c0c77&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8415426500574661
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b3120ae4d2b9fa5abe1421a5319cce0f067445b751276b43b63dda0dafb9ef61

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=123fe34e861ee826&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F339474670%2C22606297850%2FTwire%2FInContent&slots=1&rand=0.7967042685674308
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b57e305442d6fbed80ca4a0cf50e79c40d2042f8fbe1288d12c8210b10074939

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=940671
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02eeeb46f47a84308caf029a8734b064447a0f52e01b30e56fb4d73d2228d150

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxKU4UJ5d0pCto4cmTYJF5ZwqWz0XrrJOuUJvS7YnTxnZWPEAIu6Fp9a2sFeYvuf78K1k%2B3l6ToNiBk%2BIK5xo4LFxgtsL7JriKOk3Yqw8CAptrBNxSk9NCyiuejuoxXYfQ9vRFBy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
825ed043cf0903a0-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3003470240693621&correlator=4222112799929477&eid=31079522%2C31079661%2C31079380%2C44807690%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=339474670%3A22606297850%2CTwire%2CATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&didk=1113049089&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699960284828&lmt=1687341741&adxs=152&adys=102&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&vis=1&psz=1480x100&msz=1416x0&fws=4&ohw=1600&ga_vid=1383128441.1699960284&ga_sid=1699960285&ga_hid=513165606&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlsud7LwxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiWy53svDFIAFICCGQSGQoKcHViY2lkLm9yZxiWy53svDFIAFICCGQSFwoIcnRiaG91c2UYlsud7LwxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJbLney8MUgAUgIIZBIUCgVvcGVueBiXy53svDFIAFICCGQSGQoKdWlkYXBpLmNvbRiXy53svDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfLney8MUgAUgIIZA..&dlt=1699960283113&idt=1354&prev_scp=amznbid%3D1%26amznp%3D1&adks=4212285392&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e28c52bc74fd27437cb09974e84361338c8b361d668ab5d2ed988d91e450ea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11593
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA7F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:25 GMT
expires
Wed, 13 Nov 2024 11:11:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3003470240693621&correlator=2545723939590006&eid=31079522%2C31079661%2C31079380%2C44807690%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=339474670%3A22606297850%2CTwire%2CInContent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&didk=2594429819&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699960284842&lmt=1687341741&adxs=152&adys=1449&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&vis=1&psz=816x3180&msz=816x0&fws=4&ohw=816&ga_vid=1383128441.1699960284&ga_sid=1699960285&ga_hid=513165606&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlsud7LwxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiWy53svDFIAFICCGQSGQoKcHViY2lkLm9yZxiWy53svDFIAFICCGQSFwoIcnRiaG91c2UYlsud7LwxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJbLney8MUgAUgIIZBIUCgVvcGVueBiXy53svDFIAFICCGQSGQoKdWlkYXBpLmNvbRiXy53svDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfLney8MUgAUgIIZA..&dlt=1699960283113&idt=1354&prev_scp=amznbid%3D1%26amznp%3D1&adks=2345190520&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fc9f06e5be2e5ba9de022d7fea9175f0f5b9c1c7591abf5ad8e653d18b495c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11324
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3003470240693621&correlator=2066292063115866&eid=31079522%2C31079661%2C31079380%2C44807690%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=339474670%3A22606297850%2CTwire%2CInContent&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=3&didk=2594429816&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699960284848&lmt=1687341741&adxs=152&adys=891&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&vis=1&psz=816x530&msz=816x0&fws=4&ohw=816&ga_vid=1383128441.1699960284&ga_sid=1699960285&ga_hid=513165606&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlsud7LwxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiWy53svDFIAFICCGQSGQoKcHViY2lkLm9yZxiWy53svDFIAFICCGQSFwoIcnRiaG91c2UYlsud7LwxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJbLney8MUgAUgIIZBIUCgVvcGVueBiXy53svDFIAFICCGQSGQoKdWlkYXBpLmNvbRiXy53svDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfLney8MUgAUgIIZA..&dlt=1699960283113&idt=1354&prev_scp=amznbid%3D1%26amznp%3D1&adks=3722014537&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ace528e1f41f22c0c2c12c3e9547f1895248b65c1aa5bc8b3bea218f7f0861e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13282
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://twire.gg
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3003470240693621&correlator=386599784155908&eid=31079522%2C31079661%2C31079380%2C44807690%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=339474670%3A22606297850%2CTwire%2CSticky_Footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&didk=464146772&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699960284854&lmt=1687341741&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1383128441.1699960284&ga_sid=1699960285&ga_hid=513165606&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlsud7LwxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiWy53svDFIAFICCGQSGQoKcHViY2lkLm9yZxiWy53svDFIAFICCGQSFwoIcnRiaG91c2UYlsud7LwxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJbLney8MUgAUgIIZBIUCgVvcGVueBiXy53svDFIAFICCGQSGQoKdWlkYXBpLmNvbRiXy53svDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfLney8MUgAUgIIZA..&dlt=1699960283113&idt=1354&prev_scp=amznbid%3D1%26amznp%3D1&adks=281227281&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86f64fe60b59830dc9669ad13778995ee98117652317d94e357470288b95d8ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11486
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ 		93 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=twire.gg&url=https://twire.gg/en/pubg
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&ref=&_it=amazon&partner_id=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c4f1efd8ec20b1a4dea1ea53efd43a6eaa9d8ff58a81280b7711fb5dce151cf

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
825ed04708e59bee-FRA
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P0G2P3FQKZ&gtm=45je3b81v9101290881&_p=1699960283130&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1383128441.1699960284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699960284&sct=1&seg=0&dl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&dt=All%20about%20PUBG%20Esports%20%7C%20Twire&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1903
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0G2P3FQKZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P0G2P3FQKZ&cid=1383128441.1699960284&gtm=45je3b81v9101290881&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0G2P3FQKZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P0G2P3FQKZ&cid=1383128441.1699960284&gtm=45je3b81v9101290881&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1712096327
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=twire.gg&url=https://twire.gg/en/pubg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://twire.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
825ed0451f139bee-FRA
content-length
0
content-type
application/json
date
Tue, 14 Nov 2023 11:11:25 GMT
debug
OPTIONS block
expires
Wed, 13 Nov 2024 11:11:25 GMT
server
cloudflare
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TGS0SKWZ8C&gtm=45je3b81v875074973&_p=1699960283130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1383128441.1699960284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1699960283&sct=1&seg=1&dl=https%3A%2F%2Ftwire.gg%2F&dt=All%20about%20PUBG%20Esports%20%7C%20Twire&en=page_view&_ee=1&_et=3&tfd=1940
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGS0SKWZ8C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
encrypt
esp.rtbhouse.com/ 		157 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
f66a6055826b5709194452448c4d99ccea7ec23d013a7c1537e0d38cdd26f831

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
b25f8117776a5de26b18882129827675
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 14 Nov 2023 11:11:24 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAID4GW
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
fad9663a8a15a1f342f446d1c54ced0e9dbbd6767b14201d9a0199a9a49ac19b

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:25 GMT
auction
tlx.3lift.com/header/ 		19 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0-pre&referrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tmax=1300
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.231.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-231-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
accept-ch
sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0-pre&cb=80338397253&lsavail=0
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		476 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1111ba75630b2133e6a1c8c8c9b29e767ca0892ab515d2b2c36a96e721836225
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
an-x-request-uuid
913d9df6-f81a-410d-a245-b95e5bcfd4a8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
476
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
img.fetch
udmserve.net/udm/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=940671
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f9ea849ddf908de55efc70e0081034bd858ac57ebf83111e81dda7ec69a2878

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FLkRANESzv5BBmyIGkh04xT6B8wCZZExfuvON2pWvAgSt5sgH6uQVq8dPhjr8xo6cRTvIDsVTpZHrzfaPCAei0KXcSV9J9Gij2QcU4tCtL7hk%2BaGBPKkSYc%2Fm%2FCExstf61FtTUm"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
825ed046eaeb03a0-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
758cea4782f8fa93cbdc144859b3fda8cf28840bd7fa6d3aa67a82564ad223fe

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=171ffdb5c2d976d8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9147648184403017
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3fb09d8dfa98a366b6028bd580a7768cfd1401fe4489816f45b0e3a41b73f817

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=17274ed60ad1828a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.33527010042011507
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
048113ac1aa883dfcb151ca3e9005b3e94d00a53350f25d16091974d0e76a250

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=1739b9f3621529e4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7108712242947199
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
10f2ada9b28ca8b3fc2deb7db2510406a9e57fb8eec6e9357d5aa32d16383698

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=174cb4698486972b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F339474670%2C22606297850%2FTwire%2FInContent&slots=1&rand=0.4845339786951537
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
464ee4c87c40a60321e8c1a9ce2a1850bf71487c4073c0a188859fade4a3a0b0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		67 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8c94de205aa27277f9b252832125105a71fb66c53d31516e271daec285743b48

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8c94de205aa27277f9b252832125105a71fb66c53d31516e271daec285743b48

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8c94de205aa27277f9b252832125105a71fb66c53d31516e271daec285743b48

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8c94de205aa27277f9b252832125105a71fb66c53d31516e271daec285743b48

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
ap.lijit.com/rtb/ 		25 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.6.0-pre
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c78d0e406dc1a48d92adc76ffef89f5bf019c65f5b48de67320a25d8cafd6ca6

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://twire.gg
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 KB
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageReferrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cf49bcce1a47f995f14194cd2010b15e628fe45bc70af25a2e28b76d03418868
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.4
x-kong-proxy-latency
0
x-kong-upstream-latency
241
content-length
592
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&rid=esp&cc=1
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
315a44f8e051f7e56b987d0c2b1e346843f646d146cdf1c54bbb5bd96cebc434

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-xNCCEYi0UdcRV/eC1sSAGRHHwiI"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 14 Nov 2023 11:11:25 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://twire.gg
location
/esp?url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame 8FF1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=twire.gg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:24 GMT
server
Kestrel
server-processing-duration-in-ticks
399981
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e8addf983432df71ff2c184d64aea3981cd9de6ad3785ee06d35aed20a4b9008

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://twire.gg
cache-control
no-cache
x-server
10.45.20.237
access-control-allow-credentials
true
content-length
60
expires
0
container.html
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7CDB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:25 GMT
expires
Wed, 13 Nov 2024 11:11:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P0G2P3FQKZ&gtm=45je3b81v9101290881&_p=1699960283130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1383128441.1699960284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&dl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&dr=https%3A%2F%2Ftwire.gg%2F&sid=1699960284&sct=1&seg=1&dt=All%20about%20PUBG%20Esports%20%7C%20Twire&en=page_view&_et=41&tfd=2305
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0G2P3FQKZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame FCDE 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 Nov 2023 02:37:57 GMT
age
376408
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Nov 2024 02:37:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FCDE 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 05:14:53 GMT
age
21392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 05:14:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FCDE 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 Nov 2023 03:53:12 GMT
age
371893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Nov 2024 03:53:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FCDE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 10 Nov 2023 01:14:32 GMT
age
381413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 09 Nov 2024 01:14:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame FCDE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 09 Nov 2023 14:54:32 GMT
age
418613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 08 Nov 2024 14:54:32 GMT
truncated
/ Frame FCDE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e168784fa46cd4d5eaa9909c90cf5c6a2e3e82c633acd332fc592d3b9ec1480

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
7493296606186054615
tpc.googlesyndication.com/daca_images/simgad/ Frame FCDE 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/7493296606186054615
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c18ead6052b1821a35ef8f730679882af10c4295af27f4cb433e03b267bcbdf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:10:09 GMT
x-content-type-options
nosniff
age
334876
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86208
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 14:49:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 14:10:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FCDE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 17:17:56 GMT
x-content-type-options
nosniff
server
cafe
age
64409
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 14 Nov 2023 17:17:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FCDE 		295 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 21:36:38 GMT
x-content-type-options
nosniff
server
cafe
age
48887
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 14 Nov 2023 21:36:38 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame FCDE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvPxV3FVTZc_zNtb8x_AP5qGkwAaSi4GOdMDjnvayErL00uCyARABIOWf7ixglYqJjrAHoAGCmP3gA8gBAqkCc8teDArysT7gAgCoAwHIAwiqBKQCT9AxHUrrMeknikFgK-z7JXfRNRT05j6SYtHYU_GYI9bLSJ1Vxuebon9qm1YbR1fYOHRCQjy2EhUEz49NvAynZ9BWwghVbiVpBNoqQPpfFoPJD7mjGRzsh-p37eqs76ZV68UKozPZYP0LrJAxJZxkFJg5l2EoWlb5VqX3WEdc49B8AEgAgLTEd5Z5l4YkTb86P-vEFVsiI30zFc2NMfek3LdycuKDfrR_IG0_K8qtk7m5uJPAPHBT40K1fP_9_ndG8OhZn0kHq6rmJlnaliu4uC2J3PnsXWqdbeKGjzZpDt2uwbMPLbsveDiptdafbiLRe1vxnqpHFbW6lTl98L2O2DJ9C7mDQ5EqR2_miKdAnUsNCVSqXqEd1w4VUb6OK2G8oVc1lcAEhaSumL4E4AQBiAWn-f7yTKAGAoAHxOTENqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMTMFtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCUFodHRwczovL2ZpbGlhbGUua2F1ZmxhbmQuZGUvc29ydGltZW50L2VpZ2VubWFya2VuL2stY2FyaW51cmEuaHRtbIAKA8gLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLiDRMIv7Smx63DggMVVv4RCB3mEAlo2BMD0BUBmBYBgBcBshceChwIABIUcHViLTc1Mjg5NDkzODU5MDkwOTkYrosi&sigh=_tw7k-avey4&uach_m=[UACH]&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwDICaaN3Y8c3wng22ok88aX5Ok8c1G7J04au3zQvJ7ApBTnkQ-5nah8_A01ynGXc_XWyZHxiK6WnGISTc2E-Xu6smMiIV6T6-fXQjklS1wYAQ
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
container.html
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F49 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:25 GMT
expires
Wed, 13 Nov 2024 11:11:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sid
mug.criteo.com/ Frame 8FF1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=twire.gg&sn=ChromeSyncframe&so=0&topUrl=twire.gg&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=9GgwAnxreXBudUhwVnBSS3hSRGVlMU55enQ5WVQ3REV3UzYvTFhaQkN5RER6WmJCNDlubzczTUxUWUlYTEdHVGpPcUc0OFk5UUc4ZWYxaW1IODNZRUc3clR0bEd2ZEduRHlRWSttMUpYbGNEOEpPYlIvL25ZT09idTgxRU...
436 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9GgwAnxreXBudUhwVnBSS3hSRGVlMU55enQ5WVQ3REV3UzYvTFhaQkN5RER6WmJCNDlubzczTUxUWUlYTEdHVGpPcUc0OFk5UUc4ZWYxaW1IODNZRUc3clR0bEd2ZEduRHlRWSttMUpYbGNEOEpPYlIvL25ZT09idTgxRUNkb1Vid2dPcTdpNjRsZDBVSVZaQzllaGxRU0lPbTVsZi9DbVNmSGpvTUtNZTQyZkJ3ZnBzTXJkTVRyNjFOK2Z4Z3I5REdZMmlMVlI5Q0VpZlkvdkRIUDE4YW5Yd2FkWHVJRjdOcHBCM21ab0JNRjFKMlNGaHNVczdiWnJZWk4wcmJMZXl2VkNRQ1BLYm9QWUJGSTU4UDVBKzRvNjJxZz09fA&cppv=2
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3318fa487719e51889a7dcf020018f2352b77b8e0de82f9d867ee2d522e61e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
966954
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=9GgwAnxreXBudUhwVnBSS3hSRGVlMU55enQ5WVQ3REV3UzYvTFhaQkN5RER6WmJCNDlubzczTUxUWUlYTEdHVGpPcUc0OFk5UUc4ZWYxaW1IODNZRUc3clR0bEd2ZEduRHlRWSttMUpYbGNEOEpPYlIvL25ZT09idTgxRUNkb1Vid2dPcTdpNjRsZDBVSVZaQzllaGxRU0lPbTVsZi9DbVNmSGpvTUtNZTQyZkJ3ZnBzTXJkTVRyNjFOK2Z4Z3I5REdZMmlMVlI5Q0VpZlkvdkRIUDE4YW5Yd2FkWHVJRjdOcHBCM21ab0JNRjFKMlNGaHNVczdiWnJZWk4wcmJMZXl2VkNRQ1BLYm9QWUJGSTU4UDVBKzRvNjJxZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
259948
content-length
0
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4BFD 		624 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNVCVoLYWO832TARnWaYjaAzV8PDGuMcBLa9CTo6xykf54MDU0uCLWb_QZZ91ZVUCLIMJ61q0vGQ3ulbmMfEAe7wKcbtpSk63NT-DTd8-7Y5owZGhHbYvVIDeRackXz3M-oBgAG048JSVDmlUPSPRAKVJRksk_ryJHmUS8Dyn4crBETsSMzQU3G2PTbMYACH4uCkterXzO3ysFDhUbRtCJMv-dtjVA
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:25 GMT
expires
Tue, 14 Nov 2023 11:11:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7CDB 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 11:11:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CDB 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bznxu7DTExxhhdDVSZCTnbx6IZT_c-NQb6rTcfUiErJT73saZdkXwbp3d1yAElY0y_Wmhj-ZgAmdX0UB7e0E6uo6xV5dPcJYNz8ZMbek5fmeYJ-Ow
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CDB 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15522261777459246207&x=1&ct=77
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7CDB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
69607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7CDB 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
69600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:25 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7CDB 		199 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 11:11:25 GMT
479
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/479?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&ref=&_it=amazon&partner_id=479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517c5f4bf739fb7d6f1198a30055b2042c817ac159beb202ec1be0c06128cce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 11:10:55 GMT
server
cloudflare
age
30
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
825ed0486aea9b8e-FRA
container.html
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA1C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:25 GMT
expires
Wed, 13 Nov 2024 11:11:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A225 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNXDvBweobNgOE4SyWJCQInGcU8qldbk66xG5gjxpGHX97LcKP9SDkZZTl3OGoHAS0vpkfvuHl_MEg3idGsHWLuZbtnWCdJFJvDQK_BdT9GYPiFewZTRF_651XJj9Rez6xW7QF_hPjaA7rb9Ve2WWSxqd1yhJnxO_zK__LIVRuOAPvrrjGwkWDzxSlAQj3zD48C2GHderMgOfA9NmYftKS51MUxrvQ
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0F49 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 11:11:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F49 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAKi6J2C7LNXDeqDSE0S4RySKS7_M-VDUdR9dey72QTyUXELNJ1zO1f-HWFnTpa3la0e2nWUfl6y7iVnB4vpcpLaWGr9flcJLbtBI6qBGJ4wbJ6io
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F49 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5103071550939353379&x=1&ct=77
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0F49 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
69607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0F49 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
69600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:25 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0F49 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 11:11:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame ABC0 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNX0vvsf-01Vt4zfqIWDMTlFHiBn2E3eY6wfXWqT8j5R6YSZrEAiYCRnsFvy0GYkv1EM01O65Wmv5_YruqHlrAiljBJwecD1S2lHMnnfuEMDNjwvZShkGPCbDB-t8yu1hzDnds67HD5CbmLUc8pMUtNO0RZ2hvNx9zngw2NQ3wbQwZa26Crh-pCyqKqQT6VtzrMfLYZAJirSLlae-Xqa7AnMmxvNBg
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BA1C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 11:11:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA1C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcKa6mD1utmIB74hM46yrtIU74de_sOe2FxVj69MOY66Panvh5Fo33GqQpJRCwSm8Y0DXQo_cTr65XaENhG8hduMrFEIYkbcFpzjhJjVDw7q_GDzU
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA1C 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18323929860426939094&x=1&ct=77
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BA1C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
69607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BA1C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
69600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:25 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BA1C 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 11:11:25 GMT
rum
dsum-sec.casalemedia.com/ Frame 4BFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNVCVoLYWO832TARnWaYjaAzV8PDGuMcBLa9CTo6xykf54MDU0uCLWb_QZZ91ZVUCLIMJ61q0vGQ3ulbmMfEAe7wKcbtpSk63NT-DTd8-7Y5owZGhHbYvVIDeRackXz3M-oBgAG048JSVDmlUPSPRAKVJRksk_ryJHmUS8Dyn4crBETsSMzQU3G2PTbMYACH4uCkterXzO3ysFDhUbRtCJMv-dtjVA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnapjiN9OE%2FdnCZ1qVPCF47m80I9a%2Brnnn7R%2BmydihaFaJ9RNG3JcO1frA4gXab4Td%2BxQLc6zlViG01L%2FzHzYYkAsdISQdrJgFWbeMVti5irUOaLNVWBHGE9zmekPxCdOZF%2FeEZlf8JatA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ed0493da52c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4BFD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVNV3Q3t9Eex1CBZrRTnsgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNVCVoLYWO832TARnWaYjaAzV8PDGuMcBLa9CTo6xykf54MDU0uCLWb_QZZ91ZVUCLIMJ61q0vGQ3ulbmMfEAe7wKcbtpSk63NT-DTd8-7Y5owZGhHbYvVIDeRackXz3M-oBgAG048JSVDmlUPSPRAKVJRksk_ryJHmUS8Dyn4crBETsSMzQU3G2PTbMYACH4uCkterXzO3ysFDhUbRtCJMv-dtjVA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3gHuZROQSP57CGrGoMbhcyzb676jCRph9V%2FJf117QhJPAJCU%2F6txTyLnJTjYwxeo4rlS%2FdNvfWw7yte%2BAuXg0ZtQGHpSnttIWeCschO0r1%2Bw7n%2FsqNFwcRuefRh0F38Br9U5%2Ffhbhrshg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ed0493db02c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4BFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNVCVoLYWO832TARnWaYjaAzV8PDGuMcBLa9CTo6xykf54MDU0uCLWb_QZZ91ZVUCLIMJ61q0vGQ3ulbmMfEAe7wKcbtpSk63NT-DTd8-7Y5owZGhHbYvVIDeRackXz3M-oBgAG048JSVDmlUPSPRAKVJRksk_ryJHmUS8Dyn4crBETsSMzQU3G2PTbMYACH4uCkterXzO3ysFDhUbRtCJMv-dtjVA
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
an-x-request-uuid
9709003b-3ffc-44ea-bdd2-aeec4da46120
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4BFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNVCVoLYWO832TARnWaYjaAzV8PDGuMcBLa9CTo6xykf54MDU0uCLWb_QZZ91ZVUCLIMJ61q0vGQ3ulbmMfEAe7wKcbtpSk63NT-DTd8-7Y5owZGhHbYvVIDeRackXz3M-oBgAG048JSVDmlUPSPRAKVJRksk_ryJHmUS8Dyn4crBETsSMzQU3G2PTbMYACH4uCkterXzO3ysFDhUbRtCJMv-dtjVA
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
an-x-request-uuid
121eafc9-3a38-4f06-b8aa-4975fb094e89
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame FCDE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H2
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
7493296606186054615
tpc.googlesyndication.com/daca_images/simgad/ Frame FCDE 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/7493296606186054615
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c18ead6052b1821a35ef8f730679882af10c4295af27f4cb433e03b267bcbdf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:10:09 GMT
x-content-type-options
nosniff
age
334876
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86208
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 14:49:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Nov 2024 14:10:09 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FCDE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 17:17:56 GMT
x-content-type-options
nosniff
server
cafe
age
64409
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 14 Nov 2023 17:17:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FCDE 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 21:36:38 GMT
x-content-type-options
nosniff
server
cafe
age
48887
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 14 Nov 2023 21:36:38 GMT
rum
dsum-sec.casalemedia.com/ Frame A225
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNXDvBweobNgOE4SyWJCQInGcU8qldbk66xG5gjxpGHX97LcKP9SDkZZTl3OGoHAS0vpkfvuHl_MEg3idGsHWLuZbtnWCdJFJvDQK_BdT9GYPiFewZTRF_651XJj9Rez6xW7QF_hPjaA7rb9Ve2WWSxqd1yhJnxO_zK__LIVRuOAPvrrjGwkWDzxSlAQj3zD48C2GHderMgOfA9NmYftKS51MUxrvQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUjBfCX2LyUeK8%2FjdjO3Xp01iloRGveuEQblMm9bhAP9H83UgScU5gyrBCK5VO8oZbxos7Sg3Vd34h3rQcHel4gyXLNiOd1wDbFL0RkSEE88VNRxCG3XQjjKLLlg0O%2BOJDyRY4sRvhwauA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ed0493da42c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A225
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVNV3Q3t9Eex1CBZrRTnsgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNXDvBweobNgOE4SyWJCQInGcU8qldbk66xG5gjxpGHX97LcKP9SDkZZTl3OGoHAS0vpkfvuHl_MEg3idGsHWLuZbtnWCdJFJvDQK_BdT9GYPiFewZTRF_651XJj9Rez6xW7QF_hPjaA7rb9Ve2WWSxqd1yhJnxO_zK__LIVRuOAPvrrjGwkWDzxSlAQj3zD48C2GHderMgOfA9NmYftKS51MUxrvQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGz8FZ91CpVvrDMfXc9R5HdS6zj5qFx1c3XSQbxqBQ2WW2JmGwAIV9XPGAizf8VyUDhqa74uaCtV%2FB8EYIPqZR%2BBwKKQRE%2Bv4yFIf11p0f2ImBQHbz9zDr9arpAeYo3c921globj%2BlnTEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ed0493dae2c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A225
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNXDvBweobNgOE4SyWJCQInGcU8qldbk66xG5gjxpGHX97LcKP9SDkZZTl3OGoHAS0vpkfvuHl_MEg3idGsHWLuZbtnWCdJFJvDQK_BdT9GYPiFewZTRF_651XJj9Rez6xW7QF_hPjaA7rb9Ve2WWSxqd1yhJnxO_zK__LIVRuOAPvrrjGwkWDzxSlAQj3zD48C2GHderMgOfA9NmYftKS51MUxrvQ
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
an-x-request-uuid
d1713ba7-dcf9-482e-a408-1837302c9cf9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A225
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNXDvBweobNgOE4SyWJCQInGcU8qldbk66xG5gjxpGHX97LcKP9SDkZZTl3OGoHAS0vpkfvuHl_MEg3idGsHWLuZbtnWCdJFJvDQK_BdT9GYPiFewZTRF_651XJj9Rez6xW7QF_hPjaA7rb9Ve2WWSxqd1yhJnxO_zK__LIVRuOAPvrrjGwkWDzxSlAQj3zD48C2GHderMgOfA9NmYftKS51MUxrvQ
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
an-x-request-uuid
82275525-542e-475c-8aa9-803b483cfec6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CDB 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7928568888769&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CDB 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7928568888769&version=m202309260101&ct=77&x=1&cor=15522261777459247000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7CDB 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIQzCy8wXMHa3EI-VUTUlIdQRAttVGwxWglG-i4D-CHPTaEwx7DVJLOqBtVZDpSX-sKlEwDd8B2NXCKo1WWQ9i7q_lnQAB94tI2ZE0DqNK80DIOiEaJEkWGX0eJIwaK2oBRufhKs8nSjb4gZ5HKwihqgHvSclpxSJOwQ22QK0BMaAA-SU&cry=1&dbm_d=AKAmf-DzD5Hyv6wvAndIk2CSvuLY0DfbpG0MtaTjTQSxxh7kc6mjvF9wgTmieJLYrl7fNDfhSLfwORkYaxcEh83xj9cXBCIUzhsSbn6K8rp_LoI98mRCommL4RnsRfPtIdLAEbIe2hogzwfJxm7EQTR8QMnEdfxykuZ97xsee1RdSDGwqc-XZJ8B5LwkFxLp025jkruyNRuSpMPBvF_6zOM2-GDc3dvbT5QTKfX8DhSMZNKzrl-BGbNNgf7ldB3LXgdx4BWuWEFdws8UuClFl8-p5ozHe7a1JSslUCCCtC34xOUInmGE97Espx0CymVQT_EM_qwbUC7Bq_IFiy3kemvVFzfHnRfh_3Lb_O4cgBfBVy4RQct_71jZxsU-qpjDDCm6_HfjDiyX6idN-j--WcxxBSJ8er8SiRNUw-7mKcxVP9cMj_rGW61G8fUhblH3bK1ZDUpnWe5vBI-tfRuu2T5Yqk7TJOSQ6Yv6ePtJzcODsql2MwgUPuxbwh7QUYEaMWPiLCucWMRwa-KoPQTBJlUWMGtgafVtgNkbZ36FQaHMCY7864BbaUfHBUbnGpv1b53hokBNXoFrDHZiY_XhXnNkdyA6sq9RWFA4Y6eQ0ZwYl96p4M0aLU63hFX-8dAHKbdzrskrfmWkjqAmsmBLochz4cDaSRI0f8uxb_5N2QnYffcpHOu85dMucOPXKIVGly0ydYeGw4zZY97YReBR2uxDRh5JAtsHiEPKv2rHjUSbLG2iNQ2j47MSCrQcV0-Rms5LgBfdITcF2trNMcgs7-ICHtE18WT4jCFc_F2EMYuHpEMqbfmAHtm5dhI7lufTIjSnHS1vLR9zyW0Mb32qjcU0rrqjmDPdmty5JHWSkDvnTZYq3u5OoAVa6A2yC6sfEruzdHrmnmsezUvCbfi2AjfHlYBrogp383P7MGAMMy0ygS8KOgt_LPwNbkyGEagcwpjZz666QSt1E9fSUSE_pTO8dyAs9OceBLI_o6HWtrK9wRfYLDE06pWXt0xf0dbWpM6WZrfO9gSeC5A8DxGcxMk958XsBBp40zVjJAu27wgVHwmML8Zou2oON6u60TZt95aK3njQUUBeuV41Utp4YRbBekusx1l-c9zdcm5kLxx1VoC08DTLLr0qUIsSUlrmLu7Lxd7YzOQIu4fwPrO0eVfN01sYvmhtrotHDVFuSYkBYCIDNIbNyziDqNiZoX2emp2OYmzU_Y7H5eYd6NtXPTmlavP5dLxjSOL_v9oyGkTbK2DNlfKF6-_BA758rBBoURaHQVO55ACoGZAXC76HgJ4e7XNq_GP-NNrWamvyCKspY_9P7I8KOHNxeQkYHQG4gHCBAoqdxQ7cjgZAI4ImmatqprTfmUaKFP1reJsuRVFCMP_skrmakcQdm2p8bSwUovsmall2mRMUyDYDzk1BlPvq-eBM8qKCm78Z67Y-EneRjdGdcooaDP9MvQUgqH7PVNNAdWethfuJ-Y8xKVs9yN7bHGnEcLP7Rnk-CZJRYN4y7tW8hgKZXzxHdKMw7iLMhJ-D7LR8ZV6o6Z0TM5eyo1FgCeieNS3BtRGuqFVTEfHPAmoC-7p5H-tL_ZWEjIi9ZfEWk1_BW0cwpJWsBeKegUg391HfSL2zww3FT_kQ5CNoxoNlViSpKLW21fbgoqaUFRm-82A_nYY4ICE7FJ2oEsltZCIX_6oZvqk8v1Jfrg28o2fwmZUZTuH6KS2-_7pOHwBah_VbWBbPnmGSTEbyy5Nrc_q11bD-wkgMWPpUXNjhdksyVDSp2JQfbX_hFs7BOm7kENPtkwQQGtSNJHI0ZG15A1BoWeA7nhNbTbrSW_693A5EwFhJDbKgSADv7CGl-Rk0e0KQ0NVsIz37hS4j2mwkefxCZxxn911EH3lI0fjH4L7wyx0Q-MKhlV1khhnB4POICEnHCW3LamaYOGLh20puKW3Kr2QOF6MUGauDccjduZ5Ey57rbO5AblRs5LqkrPXFJgeFJ3TRc91uo064U1Pg6N1DyO-KmOMVUfShjdeoz5K4evb_7Esai7hVS93yFxXDxFsy0ICijCUgu36YXkQqONkvWBCVyshrnRltkjnfuzpNJjgMlXClN_nng5fUptKRvJFolkqNz6RudMYhHvcoUl5tl4gMKGdN8tbcnrStZ9I2mPWaRimTXTYoJEiytOT59unMtFwOM3aK3ekZziV5CaaLFSHge7vUOXXsHA5PdPeUGiac32iMeT3GIKCG2AxtgHG1bNowz_WVD6d476HAQlQKi0FtvfVFgHUzv_0GWK3yGesI6dtiDiCJD5mTnr9bt5Wetxvdc3dePxbMh-KK-y_CY6_tYycd6LHEx02ngAoVjcn4uVc1PahahIywCcyogsIxxQxgp-a2r0yBLeZZZZb6HqS2caVywsJds3uhafVpDX8oMS3X-Ic4_0EBbuAhMKzoaInmGnCofZwpTAcVRoErQQhboNzKF40U79tvVtpx9kKF-Le9Aioz9N7yp0n0aLwXLqruZdbCe0Km5L1pudtvGYHQqMr8edirD0MgsYCpJ5ON0gOEBOYVDUYSUa5usBacVKhTk1T5epRwgATsNi4QCnLBE-VshLMDjmgb2djSpEPFrIlfQM87e1Qb4l4OXP4p-zlM9Kd6IdmVNnR1TWprqkVjrLpKFeIT1sBpOZm3ZE5ZMT71qoIoMZWWzs0Js2pXm-u__w-NsUX41Hs2sRTGVzS28IJI65Yv4bEB81c1tswcaIX43RmL-09SgCUqFaKSD4xWnkPssg2mckBtV0HuWGA1iqsgOapzRiFNEMqFoUNDo-_uZeZLRfP940gaSj2EzFD3Tswf3xgB6pT5xanxxNMuSgBvmS7kYJjkT8xDTnV4j0fqRJ4u-9_qPUlZsQXz8P9Awnv19pIVrx0RrYHjdnplyP1LJYdkEnEQdYPlQlIWJJ-sRZs8X-QFmkKJIoAn24uGBFke22ofUzj3pQR1H--r2aDHd6bAssxvnr1z5lJ7AAIuDUX5t-q6uzVAb_fu6C38-1Uvf2LQLKt5MLwDzbxIj0-XHjuOLK48mVS74prYEz-3J-FR4aEqrAJrZHsEGhtN8yk2P7QjuxYvrWBT_2ZJ-oERZx3YrWjdgFi93D6aIYiZoZg4_nTCEZm0FWJm63G6tSyBP4lxHOtckXKmCe3a_18Pb2Sjik-bn4tQ5nuNjDzFM_IMkNoUtA7ke1qxQCrLu8B2ejICnrqkRhRudd9wsdLCGZ6AmZbgcFIQfRGG7p1lZs2e3mG9OsF_zgOJ4VsOwvvz-9hmkrxJIXyxzl55P5DxLaq7hHIhA1zlZCDIyRirfj_zcmz2EMkmvEGXR96pMXwDa-UUTFts0FoTwvSAOmq4TEMIVjBmHZDwxjxuPzAhxeSIHLNBSIATLkc_wVGBOkeCsUt62rYOfMd2UOhY81lPvj3cC-GcUoQ8XMWRz9ZuRR1f3KVuhakcwfcaSiW_o4M6KWjtpjI3ClV0Y_5BN9LD7rUznvfjvRPcb6YMZgM5BfTWgdmW7o0n16ESTOY5uV1OgJDJcFEXZr59XCy38wjDRjEsesnCKWzLyhX8GqdStv8iq048yZnYwWFdSxxJ0zagDc3Ws8cwE7pFE-Qe-rCuA9JjRWn8WM40tQoluB8kAAjHYkQHTAVj_s4ZTQw8b3-Bwxb08M4Jxq1CSKPpYONw_uMQg0beXFkx9_B-suz3SLzkpwxr6VPKQUZcmbyxYNPsVsCnuDukOmz0dlPOJ2BB37WjvH_vjR2HatnBQKDhvgY-ZgKd-Ylyb1iow8a_EGgajYL2aGBTB-cWAbrvjNt8I63RPCJHPfhogKDYLaMYbJYZdcIeL3yDvhvrQ_9TpmxicYe55naOhmnCqm31s1c93H5h7E_FDlBodWeMWrJFavQVTgXNjQCioqE-PurFjbXSqZyUPKSgymgsLKBTr75q7dMVqZMKdcJjezJBSNB24zldOjGRMWM9MHu4jrzb&cid=CAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftwire.gg%2F&ds=l&xdt=1&iif=1&cor=15522261777459247000&adk=1964084972&idt=115&cac=0&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb0b6031197e98d29e637f9ec4c10df2d80bc519c46cb3a3e333a075a3aad09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14029
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ABC0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNX0vvsf-01Vt4zfqIWDMTlFHiBn2E3eY6wfXWqT8j5R6YSZrEAiYCRnsFvy0GYkv1EM01O65Wmv5_YruqHlrAiljBJwecD1S2lHMnnfuEMDNjwvZShkGPCbDB-t8yu1hzDnds67HD5CbmLUc8pMUtNO0RZ2hvNx9zngw2NQ3wbQwZa26Crh-pCyqKqQT6VtzrMfLYZAJirSLlae-Xqa7AnMmxvNBg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOquHpACRHoa3uWnY1WHHUyA4SEeeAbGKJmGHhu1pPEgP6d5zfrB%2BpN8T%2BoIahMEqcii%2FCH7zFbAO64xL%2FFcSAmg%2FGw5mKzwKbl2PTP9bHxKjbgBRl0QInffy1Dj5hm41Zil1Ctf2d%2FMYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ed0496de22c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ABC0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVNV3Q3t9Eex1CBZrRTnsgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNX0vvsf-01Vt4zfqIWDMTlFHiBn2E3eY6wfXWqT8j5R6YSZrEAiYCRnsFvy0GYkv1EM01O65Wmv5_YruqHlrAiljBJwecD1S2lHMnnfuEMDNjwvZShkGPCbDB-t8yu1hzDnds67HD5CbmLUc8pMUtNO0RZ2hvNx9zngw2NQ3wbQwZa26Crh-pCyqKqQT6VtzrMfLYZAJirSLlae-Xqa7AnMmxvNBg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Um4yQEC1DtBBMU8n0mvHvEtOq3hhHOLf%2FXDnuwufHIgvhJwE3X3sn3q2B4tPQcqPjJIIDI0ykVHD9AOTXT%2BcHloHGLfoHP%2B6jCuzhQfGv%2F9R9G0tDqBdLF4QqodKjarBnxrjlbscY6GEyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ed0497df22c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgmuLvcJE727NRI5rL9WOA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame ABC0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNX0vvsf-01Vt4zfqIWDMTlFHiBn2E3eY6wfXWqT8j5R6YSZrEAiYCRnsFvy0GYkv1EM01O65Wmv5_YruqHlrAiljBJwecD1S2lHMnnfuEMDNjwvZShkGPCbDB-t8yu1hzDnds67HD5CbmLUc8pMUtNO0RZ2hvNx9zngw2NQ3wbQwZa26Crh-pCyqKqQT6VtzrMfLYZAJirSLlae-Xqa7AnMmxvNBg
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
an-x-request-uuid
9ed40a7b-8fc4-4a4c-bebf-8b088f08e515
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDP5KoTu8rFqV04P6NthoW8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ABC0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5oLvGATAB&v=APEucNX0vvsf-01Vt4zfqIWDMTlFHiBn2E3eY6wfXWqT8j5R6YSZrEAiYCRnsFvy0GYkv1EM01O65Wmv5_YruqHlrAiljBJwecD1S2lHMnnfuEMDNjwvZShkGPCbDB-t8yu1hzDnds67HD5CbmLUc8pMUtNO0RZ2hvNx9zngw2NQ3wbQwZa26Crh-pCyqKqQT6VtzrMfLYZAJirSLlae-Xqa7AnMmxvNBg
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
an-x-request-uuid
633783ed-fabb-420f-b972-0dc83c61a1ee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE4NDgxMTEwOTQyNzY5NDQ4Mg%3D%3D
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAID4GW
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
3cc17c5f71967733f20608b5e0a972eaf6d6c1d8724674321cb25280790332da

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:25 GMT
img.fetch
udmserve.net/udm/ 		0
0
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 14 Nov 2023 11:11:25 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=940671
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e645c935175124a5066d1c4124a6ef7ca02a3e000d37516ec3919586487fa0d5

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RPPXldXeVSvXYSDtY264VqXpKGEDFofyMsqiO4K2H3s7gx%2FcnNYK2%2FETXC9hjS95EtrI5vh661eDOmQF%2BLiQN0VG4aWGcM8ZFD7vSeZTV2yvUKaL4%2FzcxzUTqANIW1r7O6AuXbg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
825ed0494db72c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=223598ec42dbe953&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17812975228885408
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4ac965d25ef627b1893dcb895281aa7d1ae3444f5b9498e60ecb2204b14f4c52

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=224ed1a6a6b49171&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2811199294964779
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
09742fe463c9beb1bf6472ff9bf2f5d7b22b9524802f7ea94c1899a14098521c

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=2257ab1359c4b835&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2302850348057779
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b5b711ea4fc517f0510490262725423aba86512e1f3680ee09ca5ffc03c6cb4f

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=22644e537a69c473&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F339474670%2C22606297850%2FTwire%2FInContent&slots=1&rand=0.08824866059106529
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
255c45e1c58d93291352e74bb85181b5380e9f860739d25d6755fc9c9573e2d8

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0-pre&referrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tmax=1300
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.231.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-231-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.6.0-pre
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
67d06347d40d5974130902082bd4cb236bb29e54fb9e94c79e54198474106dc9

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://twire.gg
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ 		475 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e993b177afce4a176c553c69fca93de7dd6bca23cb760e89bd5cda597d7453f5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
an-x-request-uuid
0e915726-f25c-4ab4-98d8-248e19e222bf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
475
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0-pre&cb=78529377351&lsavail=0
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:25 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c0b291db73ba6e09f26f9d66d6eb780815ec6cb50c5ae50e4fbfe5bfa54f8dea

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
465469e71c9e5929639cc6beef2ea4524fc7cfacd80c5e1fcd4df2eadc49dbe4

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
465469e71c9e5929639cc6beef2ea4524fc7cfacd80c5e1fcd4df2eadc49dbe4

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
465469e71c9e5929639cc6beef2ea4524fc7cfacd80c5e1fcd4df2eadc49dbe4

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
465469e71c9e5929639cc6beef2ea4524fc7cfacd80c5e1fcd4df2eadc49dbe4

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 KB
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageReferrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1eb3f5c89868deb5a4deeb8a9737fe60b12e4e9c0a32eaac60fd2ea9979e1596
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.4
x-kong-proxy-latency
0
x-kong-upstream-latency
278
content-length
591
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 2A9F 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 14 Nov 2023 11:11:26 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F49 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2535292103376&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F49 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2535292103376&version=m202309260101&ct=77&x=1&cor=5103071550939353000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0F49 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqOGQKNFL6h5pHATgsME1BdavQtQf04kAuqa6_E7-WkRxsQ-DylSI64kVKQ5PCH_0_Bj9omBm45TUBmu7sLw_4CydITEiyVmu5MoPosKULrVdB4jI6cltgrxdJju-LQWH5wNmteK-sq-_Ff8QVCn2KAkWnK0kCHgvHWPnQAcQyCp_fnCo&cry=1&dbm_d=AKAmf-BHhLgCyiwGn0wAHYjYj8v39HnN8Dy7rOkIAc-c8nKo0Ux20U5hU3jnRvMLKmIg1YiDPYXT6L6hiTx7r8yKc1OVq3E1JwgHmwBlXrKdUJzS5hKb10vXSAYHJeuElHtGJOv-h6RplZo5sZS0VMTDi8InNjeocsctUwOImYHzEnuhsrP9AXQ1DdCD4vRRTVwJOaAZ1sDQrU0bfRkyo7LPoBCk0QOll0OK0fob17PqRa73dYHTKtYGpZLFxMSmAAMWf79WLPj-SPYTjtkW-tWOyHdPtx1SPWSgNWxBvBL1fUNTLONRAEMKuuBHAjQQk7l0GEMFHqIll5jQ5dEpquYJ9NY8bOfsYQ4eIwOq0HVZYeaeofn6oerLBuM_rybYM1o5Ng4c54B4gXGMmRhpvCn1Nh8m2EJXb3Af6qkQjw75bseeP6D369FJ2Zil7sBsQ0lUfH0oQ7m9V_eVJxINcRBEXqLYn-LFpoUu601xBxTkdMvfgNg70bVpJ2qxuC0MG17q-oPPgUEQ70B65uSIwOjoxAR9NafM7knAGyxab_CSUSQuT4rB2Bbv00sAO56yjgaLMMs5v0oN3OC8h3CEWExHp0tYEwnQQ7PbH8O-HHDhJo9JFihk7aMGGTzj47ECHOUslApiPlG1aPyzbTrJHL7LLWQ1rQJ-85PGW5W8iAJ5egSfADmhaQt_6tyPQaO5S4XI8j3UhUTu5meO_YjutTjUiY_khesCmpr7y0_BvBe9U7l-ILcze9aoC_EVIaQe8f4ZtL3h3cX71OhdMBWWQUk3PHOMzVMwroOXnjbo1-NFHY8zg11VGfsHOLT1tTLXwWpJlGa5uTCCKWOY16l22s6d9jX9sitoKogJzxkWBiaR2g3V8UPYRiN_e5uKK2qF4v-sl8RAuQZmvIXE2kH9yGEZmFWZT4qrH54MLqECjczmhWee1NLur1XuTrW6fHBwBwtmnKpchDB2WI3md2nf4fFp9P_ER2WdbgH-Pi9mlWg3nW8LYf1zmM8I-PVYb58Iz70Md1pli-qBQEZrY9mDdYAenK0Ve_0xrZihxkn7apXRbz2rl7FRMqhmBixolQX5SP899PeWSQD92WhWoHDWckHmWZYYIY8t8lqMAwJG3oRAzRsqwCrH6VITORp7a6WrHgOV6WWY9JWgxJ_TH1gxfSBhwjxv0HnW54Da_zoE0fFeIeefHtQ1WTU6sskbks2qlSSq8spyuMWDhXumXKdvRMV9F4Jzui9lVFBR7mLd-7ju8S_u2-Xi65y7KhocWA0g8NySF2K4zcBZHwfUw3VavIYWKylpN8W1VsdCHpDMZjtCCACd0HSf1nDhfyKDf2ylP2FTvo4giJQWQebWQHfAs16MA0yGTH-GDgc5PgwT6KdoFZkqid_9YicrpxavA5oxWHoUoWeHZeQvj0SpD-phRLcB-PyTP_WNlqZEY6krFqk-cjOy-fOVtaHs5NHAygkqgPZR82z-j4IrHs1eW5cYiXFZbuNjJTrcmNHlmt14WONS7jqQgPghUyEX8I5u6LyOOzgANVI6wzVcysTsSNUfM7JtfcTQ3QjaTUo50Cx9HskUBreN5JwfV22ZKdBksEeQX0ewSe3CF6xHmhV_OaZ0O2SN8wGHw81cgatRrlaHV1vGatRuJEsoBCqIUMA2-Yjt-JBGB-ZoD1q7MYO90BLCOoK7f5eubfmGGw2E9XnKsiCRGeiUajc3XRF9uHnmQ79IvYsD5uWZQPqugPcd7fYx-i1DxHE4giJTlflTqPnaWYJrL0VpiSDwepllTihzZVLGoV013ZPjI6E_mKvJmvZpVh9YhuzLojSNVzTIq1gpve8VUagPBpRKn90s4WFR-1dQdJXkyWUyVHeZB3KpVJtKxAkpNJtZvfX5TTiJkzgTszOwi-TGqxygQGFwrdAq6uoOpyV1uvNn5HcTDJq7jk5eCM-gYS8mcND5A6FH3cIR0JwA1TSgHo9Yf7lM0FzKMMvf6Er51R9pNNj160XZsP_L0cbzSJ7XU3YmQkwdFt33LzByL9NzQT7X3xYYqZUGbErYkkV43T7t1RWyqw-reXfWiJZsxDYHNZcf0mdlxARRND-qGTeJ0GerHWpLY6HATqIg1W7clG3JbJ0tZkwt0AbHbx5AGsUosT5BBWWg7sVIzK8WMfyap--OKJJa18Znjsj4uZ6CccZb9Kd8UwDHmGS37Mpxt1fyCIHR6AqAzagIxXkihmdVLNv0MT7ed7WYPhgTdv2-p0U4u-eMd3JdSvMu7uqGd_aC0pkZU1BTDda-IoCmLaAQz8tjUKuuaFKI1HfC7QdcXDf5u4FqtcRGN2jY_jzkeNHuFgDWBhN3jUlXtwo8h3e7685NNOZn_G3Kveyu0vGWMYf_5e41SOl7wUywCPi-Q4kru3IxiwJzsY1eYuufBPhaGe3FH0WYQWuqcx9PkepYxnBvXrhSNNl3FV3ACW-oRY3BmkuQ4jL7jxc8E5y2jjrRxWMwzRdTjyF98eiHW42aKb99Zsi4BWn-1LSBE9rcHuf01B222RZDJDaVBlvFJsXab19ZvWxKz_-d7XoGxFSwHG5Dd9VVvtIFtYK19ScXIwiUk-OjJkhpd4taFDSYUvLV63gq7c-XlMZxa9rCVLs1xnU-Zp17-opjMRUXpoXpvit8rUUXjv9X5Qg0M3uvL0abqa625ZQxIbgr8KvSJa8hRQ1NNjckVip08ILydhN6VLh_egDrsE2dPGUlrBvfkeJTvrYr02MSdvklV8OvKgWirxpaqNxpcbUtOT1pvb427cXSq-E2A3miQbB6yuL8j1nr0u3O2glblJMUEmpcaLApMMBuQpnD46SwB_VqRJ2PAnLVj3akpp9MJtxxiwGf2UYFl8BbQGMp68ZBODQPWIgYqe-CGJtCGpvNs97q8o3m2ujNeoqfTYBAJ4jhvwpTOY7obnpr7JIppozTIBhw0sAmD6MADSSDLalUfJ-tpgH_x4rQiQbRSW-S7tMMqDZZ8u9ubPkliy8CSxFfIHaIWf0Tx_SfibtpA5RnQHjtD4l81_99bfnjVofNuMim5svgBFFzAGX_O-_U-PXRBK8xQ-cR086_wkPv3X1kzAGnMwjTmBAvVRc6kKwa3oFpHvBg1RGfVdlx24Ts930dwvcnjzJtWIeKNfKipnuG5sS-ohbZVZN2ElWx-ddH2olghMVE1r50uiUYs8AG0My9uuuXxcXy0elaN1zXPxG3qNElm2rqv4u3m19rGL3uNQfmzwhY6UDVxeK_EjgDhcGDJ1OsWMyjqvejzD2DJV9OMWo53h4EAQmax6qBnhK_xWjbOJ22gE9OT9YebSRQcjwNfadQw79B3_HAJX0UPp1g4UhK4tp7Eq2JZhQ1xYFnuaz_Cx6xVdbPpS8WwWOpAFX8Vt2Co3sek-HBTHiuRZS0X2mPsFpkd6kwDbHpeRiD9Cdjx4ZTyPTrNNEocyISCq1bIGoSifMIdqj7dK8Za4XvdMJzEQRgsAEPEGsTS6fYnAPuRnI_coMi71HdXtr8m5w6o9nFTeGLCUD-1knerXfSJMFCvVe7U8dPplmZBvL46XggGtGMYN63z0zt_pMStfJfAC6J3IuR-sQp42ELPbGdCkeYguVWEsMDPEWny3_xyaTv3oI8bvNdkIgKDs7hrH79qZ7wWxRTAx0aXTqnz1uKnGqHIeaZcL4pM4DwNW8Kpdp8B1Wz1EBNWdLljKwOtoP8pQvSKD9o-YqnAUGBBd5K_yI0HI_91R8lzAeKWK5fVJ06PEABEuWtvFlkzMiipyqaJPPjw4i7lSvs2oLL2Bz0QdwJPnJgmgn9P2v-GIZwvZLWvtp4VeX9_91A0_xslNZn1CyftWXVObap7YJYqnv43E4UFhGy8qF8R7kBMGGvOqKOqBSeBU1uPUGA52C0JHzqyMjhND3_BwtdmJwAlc2W8Bwm5J9sUzjNQsLtmXkaCmoCzPf_DoKCgzNpzUQGmUXYn8UW8SAcgIZr_QNd4987BdKU8YeJcAvD1tUQsWPgthbpVzgtL7IErKBf2f4&cid=CAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftwire.gg%2F&ds=l&xdt=1&iif=1&cor=5103071550939353000&adk=3047537735&idt=132&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be664306bd684ae0e740cd85474ec4196c52ae3f17ec9276ca8364003f6d6cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14047
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA1C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7316814170127&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA1C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7316814170127&version=m202309260101&ct=77&x=1&cor=18323929860426938000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BA1C 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV75PwmEYF31y8xs3suQS4trSdZhiKIiwBiLTPSEFw85sUCtlXrcQMqBHNmZ_hoQNsVDby-qaVRsS1hWMF4yD16tQtm98KSw7HMQjvj61uM0l3xU5Ls2SiomjA7bLvnM87IXdAyAwZq2vS7L2QWcKcjWp7XApF0oMIwA1BYlrV8_J6LFs&cry=1&dbm_d=AKAmf-Ap4_Y-Jkp4yIPLMZLJn4chCCHl8P4uyd-P7GBaj0PycokK_m_ngU4WVz_cGi3tvtvmcR3Gfdrv4Q683lLzY0tKvB71mGf5nnmFRVXMTW7YhsDneVlsKphfjIuu2yPcLOAbxNGQZtze_lwcB431p4i1ap6fdcucxNigIUtsG9sZC1LwePL0e3vhcFP2zfjxqUFA6dv_K-SUDzLWaTZtC2czaqUu-W2yYvtPLUVszgkGLoTepVkxiQHwjTzCidZAj0cpVP9qROezItJinqsfFcRknoityYYc7cNLPrz3y9-r2ZnDirxHcD6m_Iy7SKYIrKqHajoctMo1JX-NhCrw9wzyn-lER22fYpkoQrBz_9HZ-KCfNb1IeUMeZh-ONWuYLkAmZ144YTmr36wXnAlQUX5C0RBSQErM_w0fjJmBELwQoFTCS-h_XcssQN7etzTGfmzKMG-xeoKSYD7PPmuGKVk9jpEUy0tAx1frt5bSR9OjiNBNhWrbLubBrU20BUkQvsBhBCCfl_Rcx2Vq1WFpqPtGigiqbXnLNPmckn-AoIoxpF8WYL9MDOSnqmezsXGD9q1evYXaRresaELnY2RwxbPppnh-bdxrrCgHL3HbxnaEIe8LiZZW5rjOieokCytdo5_9RV0qSEd4wRIwB9eSmHC_gLoIqYB78sHAeKn3VRrxLaouQaswPLFMbcHvdBtIdK3W-hQoM8gtyyAPuI739HbrhYtg7YZKx24CjyaahiA8sId9SlTwCqsibLG_VFeUi4-FSLA8yhD9Xjt7AIVPoZXrjEVGary34HIHqOBS1yZAN5mcv7DlCduJvTifSgtVQiQ95oDzmhTsK8aGiKbFBxFXKqZJnIfl9ghTM0W6QGTY_G-S5nQw-aoXMarKAqphKskyNKBkkQYfv44uqbHfFqNiPsQBIv-3Xf44lFzsmylLuV3YSuWpPfGlhCMZQrR2wXBsd9pSRROS46ZNsHVS6GW4qP8xHUcJruxw_WdY2BR8iefiEiqF98Bd1T6i4IiwEElwQJhnFBS07SpZGVrWjKvVhWOk5-s6nWrtz69Ef8jXOA6GieNGsYIdJ29i5f22Yx6KMIcW8EDr03Q4jRukd0yBoFN_1Nsfxhz0pDvlJswdMJ-mc1652GU1_N08x1uJ9GXVn-qC9Ye2bk-kOS3fbq-53rDZRisxEopo0xeXU0r_PkR04nwF0UU70686cSXjNyfY0bYVZFWxIIRPuHN2YDq2gfFcCeqyuzZk7s2_jI83wHvMIN1IM4nx5xq12Bfa0bxGznHoFyNWjqegEUft1kcG2GN1mFPAD6UhNQA9av-J9mPGdVZX0H8Ewk9D_JSECZ0ik9lBbZXUt0IlWAvkFNk-dgHt8-8CtgMo1VJTafgcIrlxmxehi--mdskaoMW7twdhBl-72UNExNgv4QdUlgVtBsrbwSxxx1AqLOR0inz_1lfiREr8hHmUpI6u4i-_JQ5KG9ztbAx-VLMlM-LSZ93J3gEGCbe1zd04PDDSAtv_E5UXny4gPIIIr1D75UYe94KfUqTGStQnYkMXc1uOqPOP6M0u_OS5zs7I8KpPae5hiXNue47T2grTasObz4TIO9RE5ars0iuktnNgSnsdQmC7Gu-79KLmHwhMER9k5bVQzLvJOj4_rYjg-iLO3IMfIbSAVHfOPMO1cqisWV4Buvs8mXDF5ozg4zrIF7_gC9dVvUlBrXnh50vJLT6e_fvIl5q3zKH1elBCkSBnEMj1ik65aDFl2Cki9oPr5vVGgm6Jtm1jOuQPJnpJFDPysoTJFBcYRKn8Z6ngwfaAn1QyhoheMzHdhnTV3p1HrisjmyjAS5I0Biqn8MV2fQ6R-kCtq__poDMurt_4Zi8BFxxbEOsbIpFZKilcDifbWpfzPBJwCLim9qxJjn3gx_xR7hyIBJMJf7fN5v7oHloAIwtbOQNrmKVOWsRogsFxWsD1QogP9shwO2eBd4o2oo921_tPNObg9JgGwGIVT4wefiy-IBQ9Ct8EqGnG3SOh6LwLLv_BS4zKQN_GIIIt5-5O9hek15S9gatha4CGGiV0ZPzMUrOwf9B4JYJJBsN21Eu4DQipZUb6_v2gmJuSKYpzvNf3gcwtCJZqMFMv7ioEApmK2973pRsPunyAuUKz7uin0B144XfsJjhFT-QH4vu74hN8dx2kOwF8VChBaapFOJt2YcI2IMouKotAzwqQpwMbV3HAwC3oTaLq40zd1XlCQxM8ZTBZ4I5tUlu4xYnXpTcOJlNBfmWw5LyVWuUmFXBJNKTbUrgUkS69xc1sp2wt8IpCe3t6Y7G2EiMnAdRDRBdgDQAE6nrw60U9peqSFxhQ2cp_EkGXGcgUzGRmpKLB8cNJAcmD2i3RTmFjZajrPHNjVVTDBOT24XTlWsLTwjGduAW3Pc3MqP0euBSnJLD4UMdPSqTn-whKhF4X_m3o2fMcajEiSZhbuwEavQ1SzdG79-FLmEJ4QhuD3_31_dCUD5M_nRVtBeqaqGyiq4dYYrIIsz2WNBy3Y3VVwCgX-dB_aWL4peRHVPxjzgrlorXhDqhVpvrQc4YEiIokWKPy3yH40k41XAnvCsuMW4XH-15M1C9Mm60-fOA9V8o8IYk_FQRJq7l1QwjF2WdQ8gX5U6UuYzLOzB5EW74wt5pJZTFOoZy_nraOgh86m5avrLCanp6V_NgAMGJbSuJkhDVbljw247blMB895mu-4eIccLQ45XPzY5oUgsixLtTKMGbAahsrqG80hOdZeGYmqycJ3hnDQe1Pc9aCZkgImMGRmEr-_329TeFf2_roMM2YvnnSa5hZwnVMxZC4CUJzC5MfLQK6VDwd9xsLVFKZY28MQOv5mQUhXD-FP1cW8BvsAjFMMPhhhRNz0jgvbNe7DWlO-dfi4TSIVhvMvXClX9ADZUv7b9JrCqnSg80amiQwCHUClfohCDEAaTi2o0KH7dR0ksJGcGxdlZRg3iRLvcVh7g742UIx7tOxnAbR9eehoBYSR8BlUneuGjGrG_bnbCD5dR_63qyRYsHmbZWKs6eUrcDoj8zBZ7KfSynDxehPudHGY75AAxUT_Z-QP54IWOe56yLI2HXSXpxJviUZ6y-ldJH3gyij_LNJsBJJd2BL8HNogQJXlC2eSFYLTHHIfvS9ym89RadN5Jq2PEG06mrPIo8vev8cME9KI1tsh4vMOmOPcjkaSpnEM0svhZgPojl0hB1A7kCbTmjYwPORl9JFnJXQU72W06AcNpsgk9ToL7ugxnQqE2i4qLnVJK_kiENUI0GicRhSY9fAtRI0qXBPqbjOeTpnURYmqYLwcZUhcN3_yBidiAzvh8i3rK-wsdmumBbg3KCZNUuVLHnl_CAzAmMLjRcWfFxlBfGiMXI1ogCf5bjILxCiCcN7iczXVafqvfQgmwVdohdKt7rKEwVCyouDQsHBil2ixW1RjzDsWFeU0WTCGkeBiQyxlC79mbkv7vvxOKY4PdNhFwP7nviFrEAsx3dhWm-Gbe2p-mSbjz-ox8gGx_7oc_GRdT6qMLRW04i6virLdIPo_tXsiHsJvPvv4f3d-hFIMKhA3CBBrRyXTtRK28mSKAQGxtGeYqauNmmZTCdQqjy8ra7Rs3DQbkXB9AtATWYmuEIDslpfmEs6uXiXCJEabHDecgd9AKV7hh6HjLi2-fDZz6-gL7P9NFvXdYp6CONol8-9knHgyO1j2N8_zevo3ZxYR6kCKkBvtSIi-3_JndF_P4SZ-5--dSSzqM-iz0M44PfTe2WjFFZqsBD_71Jtr2djTsKMW4ipl3D2HPwTtJ8hQoZrC0dMhAdh0-YhwL-sOGJYadkZdIK1jVcxYm95eiVddC4NfYQgZ-HcnC3xpybcf98mn23rcJN8-2iuKyBC5k9jzSyvQhMB8v2zF9VmgqizVgXLUjwqQQSCaeykXObbwbEUZ9CtlblBk2_pxSmLX__u_8pAXnDBbGOhl2YK440JRdM-LC1bPmIwi2dlTa2vRjrvejYRISmJr800kylDNM8&cid=CAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftwire.gg%2F&ds=l&xdt=1&iif=1&cor=18323929860426938000&adk=2857193498&idt=151&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc202b00f49fafa7ec56029d611e265a7bb1ee5c1f71b5c6c5acd6bde84c55a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13997
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7CDB 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIQzCy8wXMHa3EI-VUTUlIdQRAttVGwxWglG-i4D-CHPTaEwx7DVJLOqBtVZDpSX-sKlEwDd8B2NXCKo1WWQ9i7q_lnQAB94tI2ZE0DqNK80DIOiEaJEkWGX0eJIwaK2oBRufhKs8nSjb4gZ5HKwihqgHvSclpxSJOwQ22QK0BMaAA-SU&cry=1&dbm_d=AKAmf-DzD5Hyv6wvAndIk2CSvuLY0DfbpG0MtaTjTQSxxh7kc6mjvF9wgTmieJLYrl7fNDfhSLfwORkYaxcEh83xj9cXBCIUzhsSbn6K8rp_LoI98mRCommL4RnsRfPtIdLAEbIe2hogzwfJxm7EQTR8QMnEdfxykuZ97xsee1RdSDGwqc-XZJ8B5LwkFxLp025jkruyNRuSpMPBvF_6zOM2-GDc3dvbT5QTKfX8DhSMZNKzrl-BGbNNgf7ldB3LXgdx4BWuWEFdws8UuClFl8-p5ozHe7a1JSslUCCCtC34xOUInmGE97Espx0CymVQT_EM_qwbUC7Bq_IFiy3kemvVFzfHnRfh_3Lb_O4cgBfBVy4RQct_71jZxsU-qpjDDCm6_HfjDiyX6idN-j--WcxxBSJ8er8SiRNUw-7mKcxVP9cMj_rGW61G8fUhblH3bK1ZDUpnWe5vBI-tfRuu2T5Yqk7TJOSQ6Yv6ePtJzcODsql2MwgUPuxbwh7QUYEaMWPiLCucWMRwa-KoPQTBJlUWMGtgafVtgNkbZ36FQaHMCY7864BbaUfHBUbnGpv1b53hokBNXoFrDHZiY_XhXnNkdyA6sq9RWFA4Y6eQ0ZwYl96p4M0aLU63hFX-8dAHKbdzrskrfmWkjqAmsmBLochz4cDaSRI0f8uxb_5N2QnYffcpHOu85dMucOPXKIVGly0ydYeGw4zZY97YReBR2uxDRh5JAtsHiEPKv2rHjUSbLG2iNQ2j47MSCrQcV0-Rms5LgBfdITcF2trNMcgs7-ICHtE18WT4jCFc_F2EMYuHpEMqbfmAHtm5dhI7lufTIjSnHS1vLR9zyW0Mb32qjcU0rrqjmDPdmty5JHWSkDvnTZYq3u5OoAVa6A2yC6sfEruzdHrmnmsezUvCbfi2AjfHlYBrogp383P7MGAMMy0ygS8KOgt_LPwNbkyGEagcwpjZz666QSt1E9fSUSE_pTO8dyAs9OceBLI_o6HWtrK9wRfYLDE06pWXt0xf0dbWpM6WZrfO9gSeC5A8DxGcxMk958XsBBp40zVjJAu27wgVHwmML8Zou2oON6u60TZt95aK3njQUUBeuV41Utp4YRbBekusx1l-c9zdcm5kLxx1VoC08DTLLr0qUIsSUlrmLu7Lxd7YzOQIu4fwPrO0eVfN01sYvmhtrotHDVFuSYkBYCIDNIbNyziDqNiZoX2emp2OYmzU_Y7H5eYd6NtXPTmlavP5dLxjSOL_v9oyGkTbK2DNlfKF6-_BA758rBBoURaHQVO55ACoGZAXC76HgJ4e7XNq_GP-NNrWamvyCKspY_9P7I8KOHNxeQkYHQG4gHCBAoqdxQ7cjgZAI4ImmatqprTfmUaKFP1reJsuRVFCMP_skrmakcQdm2p8bSwUovsmall2mRMUyDYDzk1BlPvq-eBM8qKCm78Z67Y-EneRjdGdcooaDP9MvQUgqH7PVNNAdWethfuJ-Y8xKVs9yN7bHGnEcLP7Rnk-CZJRYN4y7tW8hgKZXzxHdKMw7iLMhJ-D7LR8ZV6o6Z0TM5eyo1FgCeieNS3BtRGuqFVTEfHPAmoC-7p5H-tL_ZWEjIi9ZfEWk1_BW0cwpJWsBeKegUg391HfSL2zww3FT_kQ5CNoxoNlViSpKLW21fbgoqaUFRm-82A_nYY4ICE7FJ2oEsltZCIX_6oZvqk8v1Jfrg28o2fwmZUZTuH6KS2-_7pOHwBah_VbWBbPnmGSTEbyy5Nrc_q11bD-wkgMWPpUXNjhdksyVDSp2JQfbX_hFs7BOm7kENPtkwQQGtSNJHI0ZG15A1BoWeA7nhNbTbrSW_693A5EwFhJDbKgSADv7CGl-Rk0e0KQ0NVsIz37hS4j2mwkefxCZxxn911EH3lI0fjH4L7wyx0Q-MKhlV1khhnB4POICEnHCW3LamaYOGLh20puKW3Kr2QOF6MUGauDccjduZ5Ey57rbO5AblRs5LqkrPXFJgeFJ3TRc91uo064U1Pg6N1DyO-KmOMVUfShjdeoz5K4evb_7Esai7hVS93yFxXDxFsy0ICijCUgu36YXkQqONkvWBCVyshrnRltkjnfuzpNJjgMlXClN_nng5fUptKRvJFolkqNz6RudMYhHvcoUl5tl4gMKGdN8tbcnrStZ9I2mPWaRimTXTYoJEiytOT59unMtFwOM3aK3ekZziV5CaaLFSHge7vUOXXsHA5PdPeUGiac32iMeT3GIKCG2AxtgHG1bNowz_WVD6d476HAQlQKi0FtvfVFgHUzv_0GWK3yGesI6dtiDiCJD5mTnr9bt5Wetxvdc3dePxbMh-KK-y_CY6_tYycd6LHEx02ngAoVjcn4uVc1PahahIywCcyogsIxxQxgp-a2r0yBLeZZZZb6HqS2caVywsJds3uhafVpDX8oMS3X-Ic4_0EBbuAhMKzoaInmGnCofZwpTAcVRoErQQhboNzKF40U79tvVtpx9kKF-Le9Aioz9N7yp0n0aLwXLqruZdbCe0Km5L1pudtvGYHQqMr8edirD0MgsYCpJ5ON0gOEBOYVDUYSUa5usBacVKhTk1T5epRwgATsNi4QCnLBE-VshLMDjmgb2djSpEPFrIlfQM87e1Qb4l4OXP4p-zlM9Kd6IdmVNnR1TWprqkVjrLpKFeIT1sBpOZm3ZE5ZMT71qoIoMZWWzs0Js2pXm-u__w-NsUX41Hs2sRTGVzS28IJI65Yv4bEB81c1tswcaIX43RmL-09SgCUqFaKSD4xWnkPssg2mckBtV0HuWGA1iqsgOapzRiFNEMqFoUNDo-_uZeZLRfP940gaSj2EzFD3Tswf3xgB6pT5xanxxNMuSgBvmS7kYJjkT8xDTnV4j0fqRJ4u-9_qPUlZsQXz8P9Awnv19pIVrx0RrYHjdnplyP1LJYdkEnEQdYPlQlIWJJ-sRZs8X-QFmkKJIoAn24uGBFke22ofUzj3pQR1H--r2aDHd6bAssxvnr1z5lJ7AAIuDUX5t-q6uzVAb_fu6C38-1Uvf2LQLKt5MLwDzbxIj0-XHjuOLK48mVS74prYEz-3J-FR4aEqrAJrZHsEGhtN8yk2P7QjuxYvrWBT_2ZJ-oERZx3YrWjdgFi93D6aIYiZoZg4_nTCEZm0FWJm63G6tSyBP4lxHOtckXKmCe3a_18Pb2Sjik-bn4tQ5nuNjDzFM_IMkNoUtA7ke1qxQCrLu8B2ejICnrqkRhRudd9wsdLCGZ6AmZbgcFIQfRGG7p1lZs2e3mG9OsF_zgOJ4VsOwvvz-9hmkrxJIXyxzl55P5DxLaq7hHIhA1zlZCDIyRirfj_zcmz2EMkmvEGXR96pMXwDa-UUTFts0FoTwvSAOmq4TEMIVjBmHZDwxjxuPzAhxeSIHLNBSIATLkc_wVGBOkeCsUt62rYOfMd2UOhY81lPvj3cC-GcUoQ8XMWRz9ZuRR1f3KVuhakcwfcaSiW_o4M6KWjtpjI3ClV0Y_5BN9LD7rUznvfjvRPcb6YMZgM5BfTWgdmW7o0n16ESTOY5uV1OgJDJcFEXZr59XCy38wjDRjEsesnCKWzLyhX8GqdStv8iq048yZnYwWFdSxxJ0zagDc3Ws8cwE7pFE-Qe-rCuA9JjRWn8WM40tQoluB8kAAjHYkQHTAVj_s4ZTQw8b3-Bwxb08M4Jxq1CSKPpYONw_uMQg0beXFkx9_B-suz3SLzkpwxr6VPKQUZcmbyxYNPsVsCnuDukOmz0dlPOJ2BB37WjvH_vjR2HatnBQKDhvgY-ZgKd-Ylyb1iow8a_EGgajYL2aGBTB-cWAbrvjNt8I63RPCJHPfhogKDYLaMYbJYZdcIeL3yDvhvrQ_9TpmxicYe55naOhmnCqm31s1c93H5h7E_FDlBodWeMWrJFavQVTgXNjQCioqE-PurFjbXSqZyUPKSgymgsLKBTr75q7dMVqZMKdcJjezJBSNB24zldOjGRMWM9MHu4jrzb&cid=CAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftwire.gg%2F&ds=l&xdt=1&iif=1&cor=15522261777459247000&adk=1964084972&idt=115&cac=0&dtd=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
365234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTk2MDI4NTYyOTg1MQogIHNlcnZlcl9pcDogMTI2MDYxMTEwCiAgcHJvY2Vzc19pZDogMzQ3Mjk2ODQyNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 7CDB 		0
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTk2MDI4NTYyOTg1MQogIHNlcnZlcl9pcDogMTI2MDYxMTEwCiAgcHJvY2Vzc19pZDogMzQ3Mjk2ODQyNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNTEzMDI2ODMxMjY5OTE5MzQwCmRlYnVnX2tleTogOTM5MjkyODg4Mjc4Mjg1Mjk3NwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMTQiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NDg0OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA2OTY5CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x44783f23fc739bf0000000000000000","13":"0x156a472f9668a48c0000000000000000","14":"0xb379ad9100501ee70000000000000000","15":"0xaa9874fef5177f0000000000000000"},"debug_key":"9392928882782852977","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"1513026831269919340"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5zyrr3xpcfb3
hal9000.redintelligence.net/zone/ Frame 7CDB 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5zyrr3xpcfb3?subid=&gdpr=&gdpr_consent=&rnd=1699960284880268&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLf733FVTZYzdNY7XgAepuIZopuW9oGmdl5ynyQ_wLhABIOWf7ixglYqJjrAHyAEJqQJzy14MCvKxPqgDAcgDmwSqBJMCT9D9NWVYaJS-x6lxfSZMMaIrgzDgB3p0tgC5a80aLpKlha8XpbaAVR1zsAQtovZngr6uCmeCaxWySj3Z_bDAAi45k66GmLZ4KKizgwi99S8HN0XCilnopENruhGN9U-Q4xB3NACl9VuS0RiYtEKyC5aP5gRcQOQGDzchjJ8IB1L8jqvRRE7JGzMQsxMzAWcXO-K3zHwzNEGhcjMf0mEIX77VDHxtolEkqc3iAPwm8fPsLIwG6JhgpdfPj-yh2tCofv_VoEd6WMasC5JISYFE6Upflm423W5m0J8TmVZL0BGjMThl-saaJbeP4InQIVTbf3N9Mg3w8zkd-MuqQYlBPsQK81y91l_DIB3hZp2JfNvtpfrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIi6ilx63DggMVjivgCh0pnAENsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB%26sig%3DAOD64_3ms2PEbB1JIjtfV1zZB3HT11unqg%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-Boyc4ssyouytgNw2_jP9mzRV8dqDf1dFLTK7_S4Hs0Sg5tgexfCtv8F14YSx6TpEd2Xxi7DL1R9-jzCXWz4s7974NvaD3-siontYBNA7iILr4H5SLAAMLg93dW5Yw6axAK77ZpxP7n4U6S8-2dq3juJYtyMMgtTzbHglL9wuLda-pOIZ4%26cry%3D1%26dbm_d%3DAKAmf-DuHXVx2cRuRRX-urWcHEIfrL072f05il0sNIoR8XBIZ4Zq8ltczojhHrU3yK1YIUkqxzEObpnZ28If-r2q6qqBWioBhHruD50g1U-oRjSZ6KIK3hK_ZV82u3CR4jcnFrZjw-3ZKqBFhgWrCHhac4BQLGlrqYT2VTbMt8bESuov-jdq6FVUVi_VLiEPB8bqZX6uTm3cuI_qS1mk2asFdpxno3_GBKlB3MBdBPa6XeIuNraJ7EzFL1YggGZ_RG4vF7YG90o5QuNXGxu-dXYu5sg_-wQGUHqzs8-veKaiCoktCQ-cdGu-l8FW7CBtmJ9bSlTIOKgdGac90U_y4T3l35nBbELlAJcQqWb7HdmAvOVG7uojcKY8CAqrC0HY1KXmBwN5uG2xGOW6h7TZPxbS78BUx6qwlpB_7YsoNQF1Bo1FZMZXWw7omv5jqxdPoRaJbDYCn6fg3geSUHR17shlNuowGf-cUck5DEyyOkTBNTUc3XcPLFmH__JA7Pg1vXvsbTf_zHUa1hCBtkSf-q1kyjC_z3qILzFAMOKocqGa34b_1AbgPgk%26adurl%3D
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
452b83a32814a3c71942b32c135b3ffc72906b0b723b9f071046414bbf1b5eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4222
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0F49 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqOGQKNFL6h5pHATgsME1BdavQtQf04kAuqa6_E7-WkRxsQ-DylSI64kVKQ5PCH_0_Bj9omBm45TUBmu7sLw_4CydITEiyVmu5MoPosKULrVdB4jI6cltgrxdJju-LQWH5wNmteK-sq-_Ff8QVCn2KAkWnK0kCHgvHWPnQAcQyCp_fnCo&cry=1&dbm_d=AKAmf-BHhLgCyiwGn0wAHYjYj8v39HnN8Dy7rOkIAc-c8nKo0Ux20U5hU3jnRvMLKmIg1YiDPYXT6L6hiTx7r8yKc1OVq3E1JwgHmwBlXrKdUJzS5hKb10vXSAYHJeuElHtGJOv-h6RplZo5sZS0VMTDi8InNjeocsctUwOImYHzEnuhsrP9AXQ1DdCD4vRRTVwJOaAZ1sDQrU0bfRkyo7LPoBCk0QOll0OK0fob17PqRa73dYHTKtYGpZLFxMSmAAMWf79WLPj-SPYTjtkW-tWOyHdPtx1SPWSgNWxBvBL1fUNTLONRAEMKuuBHAjQQk7l0GEMFHqIll5jQ5dEpquYJ9NY8bOfsYQ4eIwOq0HVZYeaeofn6oerLBuM_rybYM1o5Ng4c54B4gXGMmRhpvCn1Nh8m2EJXb3Af6qkQjw75bseeP6D369FJ2Zil7sBsQ0lUfH0oQ7m9V_eVJxINcRBEXqLYn-LFpoUu601xBxTkdMvfgNg70bVpJ2qxuC0MG17q-oPPgUEQ70B65uSIwOjoxAR9NafM7knAGyxab_CSUSQuT4rB2Bbv00sAO56yjgaLMMs5v0oN3OC8h3CEWExHp0tYEwnQQ7PbH8O-HHDhJo9JFihk7aMGGTzj47ECHOUslApiPlG1aPyzbTrJHL7LLWQ1rQJ-85PGW5W8iAJ5egSfADmhaQt_6tyPQaO5S4XI8j3UhUTu5meO_YjutTjUiY_khesCmpr7y0_BvBe9U7l-ILcze9aoC_EVIaQe8f4ZtL3h3cX71OhdMBWWQUk3PHOMzVMwroOXnjbo1-NFHY8zg11VGfsHOLT1tTLXwWpJlGa5uTCCKWOY16l22s6d9jX9sitoKogJzxkWBiaR2g3V8UPYRiN_e5uKK2qF4v-sl8RAuQZmvIXE2kH9yGEZmFWZT4qrH54MLqECjczmhWee1NLur1XuTrW6fHBwBwtmnKpchDB2WI3md2nf4fFp9P_ER2WdbgH-Pi9mlWg3nW8LYf1zmM8I-PVYb58Iz70Md1pli-qBQEZrY9mDdYAenK0Ve_0xrZihxkn7apXRbz2rl7FRMqhmBixolQX5SP899PeWSQD92WhWoHDWckHmWZYYIY8t8lqMAwJG3oRAzRsqwCrH6VITORp7a6WrHgOV6WWY9JWgxJ_TH1gxfSBhwjxv0HnW54Da_zoE0fFeIeefHtQ1WTU6sskbks2qlSSq8spyuMWDhXumXKdvRMV9F4Jzui9lVFBR7mLd-7ju8S_u2-Xi65y7KhocWA0g8NySF2K4zcBZHwfUw3VavIYWKylpN8W1VsdCHpDMZjtCCACd0HSf1nDhfyKDf2ylP2FTvo4giJQWQebWQHfAs16MA0yGTH-GDgc5PgwT6KdoFZkqid_9YicrpxavA5oxWHoUoWeHZeQvj0SpD-phRLcB-PyTP_WNlqZEY6krFqk-cjOy-fOVtaHs5NHAygkqgPZR82z-j4IrHs1eW5cYiXFZbuNjJTrcmNHlmt14WONS7jqQgPghUyEX8I5u6LyOOzgANVI6wzVcysTsSNUfM7JtfcTQ3QjaTUo50Cx9HskUBreN5JwfV22ZKdBksEeQX0ewSe3CF6xHmhV_OaZ0O2SN8wGHw81cgatRrlaHV1vGatRuJEsoBCqIUMA2-Yjt-JBGB-ZoD1q7MYO90BLCOoK7f5eubfmGGw2E9XnKsiCRGeiUajc3XRF9uHnmQ79IvYsD5uWZQPqugPcd7fYx-i1DxHE4giJTlflTqPnaWYJrL0VpiSDwepllTihzZVLGoV013ZPjI6E_mKvJmvZpVh9YhuzLojSNVzTIq1gpve8VUagPBpRKn90s4WFR-1dQdJXkyWUyVHeZB3KpVJtKxAkpNJtZvfX5TTiJkzgTszOwi-TGqxygQGFwrdAq6uoOpyV1uvNn5HcTDJq7jk5eCM-gYS8mcND5A6FH3cIR0JwA1TSgHo9Yf7lM0FzKMMvf6Er51R9pNNj160XZsP_L0cbzSJ7XU3YmQkwdFt33LzByL9NzQT7X3xYYqZUGbErYkkV43T7t1RWyqw-reXfWiJZsxDYHNZcf0mdlxARRND-qGTeJ0GerHWpLY6HATqIg1W7clG3JbJ0tZkwt0AbHbx5AGsUosT5BBWWg7sVIzK8WMfyap--OKJJa18Znjsj4uZ6CccZb9Kd8UwDHmGS37Mpxt1fyCIHR6AqAzagIxXkihmdVLNv0MT7ed7WYPhgTdv2-p0U4u-eMd3JdSvMu7uqGd_aC0pkZU1BTDda-IoCmLaAQz8tjUKuuaFKI1HfC7QdcXDf5u4FqtcRGN2jY_jzkeNHuFgDWBhN3jUlXtwo8h3e7685NNOZn_G3Kveyu0vGWMYf_5e41SOl7wUywCPi-Q4kru3IxiwJzsY1eYuufBPhaGe3FH0WYQWuqcx9PkepYxnBvXrhSNNl3FV3ACW-oRY3BmkuQ4jL7jxc8E5y2jjrRxWMwzRdTjyF98eiHW42aKb99Zsi4BWn-1LSBE9rcHuf01B222RZDJDaVBlvFJsXab19ZvWxKz_-d7XoGxFSwHG5Dd9VVvtIFtYK19ScXIwiUk-OjJkhpd4taFDSYUvLV63gq7c-XlMZxa9rCVLs1xnU-Zp17-opjMRUXpoXpvit8rUUXjv9X5Qg0M3uvL0abqa625ZQxIbgr8KvSJa8hRQ1NNjckVip08ILydhN6VLh_egDrsE2dPGUlrBvfkeJTvrYr02MSdvklV8OvKgWirxpaqNxpcbUtOT1pvb427cXSq-E2A3miQbB6yuL8j1nr0u3O2glblJMUEmpcaLApMMBuQpnD46SwB_VqRJ2PAnLVj3akpp9MJtxxiwGf2UYFl8BbQGMp68ZBODQPWIgYqe-CGJtCGpvNs97q8o3m2ujNeoqfTYBAJ4jhvwpTOY7obnpr7JIppozTIBhw0sAmD6MADSSDLalUfJ-tpgH_x4rQiQbRSW-S7tMMqDZZ8u9ubPkliy8CSxFfIHaIWf0Tx_SfibtpA5RnQHjtD4l81_99bfnjVofNuMim5svgBFFzAGX_O-_U-PXRBK8xQ-cR086_wkPv3X1kzAGnMwjTmBAvVRc6kKwa3oFpHvBg1RGfVdlx24Ts930dwvcnjzJtWIeKNfKipnuG5sS-ohbZVZN2ElWx-ddH2olghMVE1r50uiUYs8AG0My9uuuXxcXy0elaN1zXPxG3qNElm2rqv4u3m19rGL3uNQfmzwhY6UDVxeK_EjgDhcGDJ1OsWMyjqvejzD2DJV9OMWo53h4EAQmax6qBnhK_xWjbOJ22gE9OT9YebSRQcjwNfadQw79B3_HAJX0UPp1g4UhK4tp7Eq2JZhQ1xYFnuaz_Cx6xVdbPpS8WwWOpAFX8Vt2Co3sek-HBTHiuRZS0X2mPsFpkd6kwDbHpeRiD9Cdjx4ZTyPTrNNEocyISCq1bIGoSifMIdqj7dK8Za4XvdMJzEQRgsAEPEGsTS6fYnAPuRnI_coMi71HdXtr8m5w6o9nFTeGLCUD-1knerXfSJMFCvVe7U8dPplmZBvL46XggGtGMYN63z0zt_pMStfJfAC6J3IuR-sQp42ELPbGdCkeYguVWEsMDPEWny3_xyaTv3oI8bvNdkIgKDs7hrH79qZ7wWxRTAx0aXTqnz1uKnGqHIeaZcL4pM4DwNW8Kpdp8B1Wz1EBNWdLljKwOtoP8pQvSKD9o-YqnAUGBBd5K_yI0HI_91R8lzAeKWK5fVJ06PEABEuWtvFlkzMiipyqaJPPjw4i7lSvs2oLL2Bz0QdwJPnJgmgn9P2v-GIZwvZLWvtp4VeX9_91A0_xslNZn1CyftWXVObap7YJYqnv43E4UFhGy8qF8R7kBMGGvOqKOqBSeBU1uPUGA52C0JHzqyMjhND3_BwtdmJwAlc2W8Bwm5J9sUzjNQsLtmXkaCmoCzPf_DoKCgzNpzUQGmUXYn8UW8SAcgIZr_QNd4987BdKU8YeJcAvD1tUQsWPgthbpVzgtL7IErKBf2f4&cid=CAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftwire.gg%2F&ds=l&xdt=1&iif=1&cor=5103071550939353000&adk=3047537735&idt=132&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
365234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTk2MDI4NTcxNDE5MQogIHNlcnZlcl9pcDogMTQ2NTI0MjU5CiAgcHJvY2Vzc19pZDogMjY1MTcxMzg0Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 0F49 		0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTk2MDI4NTcxNDE5MQogIHNlcnZlcl9pcDogMTQ2NTI0MjU5CiAgcHJvY2Vzc19pZDogMjY1MTcxMzg0Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA4MzQxNjgzNjIyMDY0MTI0NzQzCmRlYnVnX2tleTogMTM3OTkxNjExNjI1NDAzOTY2NzIKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTE0IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzQ4NDkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNjk2OQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x44783f23fc739bf0000000000000000","13":"0x156a472f9668a48c0000000000000000","14":"0xb379ad9100501ee70000000000000000","15":"0xaa9874fef5177f0000000000000000"},"debug_key":"13799161162540396672","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"8341683622064124743"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5zyrr3xpcfb3
hal9000.redintelligence.net/zone/ Frame 0F49 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5zyrr3xpcfb3?subid=&gdpr=&gdpr_consent=&rnd=1699960284914961&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpRGl3FVTZZHsN_iU1PIP6IaB6AKm5b2gaZ2XnKfJD_AuEAEg5Z_uLGCViomOsAfIAQmpAnPLXgwK8rE-qAMByAObBKoEkwJP0MirW5SLarVim6tYcIltyxbCEJzjrrW83iH1gxjBaOBwvKzX7116a6e33ogPjLGZZeZ-wfj9BQ4-9YyDlm8K-F9_PqHvMd52qdkxtejCYV_plqBDagjYb2rYK2AHUBcX91s-Oj9A0uVX_4Mnh6C3gx7bw-_QLLAWwrR95JEg3Xmxyul0KiGYDYcFeulqvaZAWuWNLR1kBmecUKWIaFjXOeuiFO1xiEG9_NaUPmzCNXp7AzQXsTqudK4xPdMioN6ZdYqHt11AF7KpSHn-tKfMDk1LTj_Kg4JeIlOlZQpAR4-UI3aWS8z-bKD-i9UKtUEUq2QFIR3yfxJuH8NyMA28ELI6U_mZ8JAbW8nzlauHkBB2x8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlikrqbHrcOCA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJEReINEwjghKfHrcOCAxV4ClUIHWhDAC2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB%26sig%3DAOD64_1KE8npkfvS_Tdwd9NwD3phsqnGLQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-AKfF5dqx2bEVRVPVu2tRnQEGpJaQkbwOKf5k2_GB4vN4r-7PklsvdKqIr0gV3Y8H4WXQYhUf3T3DiYPoxydvA8jnjvTWM7XtiowG3V7STII8yx-Q7SewKKTM6WRa6MZiHplqTrPqV22SkgoR8XdE14bUlDCkB9PUgQwik3V2R1WhGLAio%26cry%3D1%26dbm_d%3DAKAmf-CrUNH-2zug5ethKVL2JZuSMEJ2WBp2ZhaFpcKFLPjv1q0yJY1LlRaJdzVizPwbp1f4iAkRdj-HLB5ZD9cGe0vCr7jsfaOJOLIxJmykYf-aqWBKsXmvl-0bi7Gj0gtESW9Qa570EK7qI34AQW6dt-9B9wj7fmrkQp7_9jidVjL0t62akLDeYYMzNYHhWlOY02gS2kG6tQocCKTFREkxTj2xOEZHgNgpG88eh1ChRxGboFEz1sxVOm0RiMfbaOKrOKUpJ7bZ2uOBhB4Q6ojPg2kNtv2IkMXNiqPHwHjkprBWyYYdiSKER8KqDwmNvCVCJCoaJqtLTgLTbceZBbLPwtFoRW7iQb1kc4LvJAReWzSHBCq8ZgZjZB_4yUcDRc-_nUxDkzoJMuEa_msmWNTZIs3isFy6ueHqjnSYJyykBb6NSwqkZnuASmXb9ym_EmEUwS1xi963W4rxNTDA5XjJ_ms150c5dtPRlNbSadY1g-DP9XTdbLLipbbAdCeZx5SzHvRao1TFZTyWoWqzEJ8lv2FN10OmE9E7V7W8NL8rpK-G-n3SJis%26adurl%3D
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
b04127696656d3aee3ac55da9869ab39d650be102797a4c71d2803539ae1cc4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4238
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame ED89 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
470963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame BA1C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AV75PwmEYF31y8xs3suQS4trSdZhiKIiwBiLTPSEFw85sUCtlXrcQMqBHNmZ_hoQNsVDby-qaVRsS1hWMF4yD16tQtm98KSw7HMQjvj61uM0l3xU5Ls2SiomjA7bLvnM87IXdAyAwZq2vS7L2QWcKcjWp7XApF0oMIwA1BYlrV8_J6LFs&cry=1&dbm_d=AKAmf-Ap4_Y-Jkp4yIPLMZLJn4chCCHl8P4uyd-P7GBaj0PycokK_m_ngU4WVz_cGi3tvtvmcR3Gfdrv4Q683lLzY0tKvB71mGf5nnmFRVXMTW7YhsDneVlsKphfjIuu2yPcLOAbxNGQZtze_lwcB431p4i1ap6fdcucxNigIUtsG9sZC1LwePL0e3vhcFP2zfjxqUFA6dv_K-SUDzLWaTZtC2czaqUu-W2yYvtPLUVszgkGLoTepVkxiQHwjTzCidZAj0cpVP9qROezItJinqsfFcRknoityYYc7cNLPrz3y9-r2ZnDirxHcD6m_Iy7SKYIrKqHajoctMo1JX-NhCrw9wzyn-lER22fYpkoQrBz_9HZ-KCfNb1IeUMeZh-ONWuYLkAmZ144YTmr36wXnAlQUX5C0RBSQErM_w0fjJmBELwQoFTCS-h_XcssQN7etzTGfmzKMG-xeoKSYD7PPmuGKVk9jpEUy0tAx1frt5bSR9OjiNBNhWrbLubBrU20BUkQvsBhBCCfl_Rcx2Vq1WFpqPtGigiqbXnLNPmckn-AoIoxpF8WYL9MDOSnqmezsXGD9q1evYXaRresaELnY2RwxbPppnh-bdxrrCgHL3HbxnaEIe8LiZZW5rjOieokCytdo5_9RV0qSEd4wRIwB9eSmHC_gLoIqYB78sHAeKn3VRrxLaouQaswPLFMbcHvdBtIdK3W-hQoM8gtyyAPuI739HbrhYtg7YZKx24CjyaahiA8sId9SlTwCqsibLG_VFeUi4-FSLA8yhD9Xjt7AIVPoZXrjEVGary34HIHqOBS1yZAN5mcv7DlCduJvTifSgtVQiQ95oDzmhTsK8aGiKbFBxFXKqZJnIfl9ghTM0W6QGTY_G-S5nQw-aoXMarKAqphKskyNKBkkQYfv44uqbHfFqNiPsQBIv-3Xf44lFzsmylLuV3YSuWpPfGlhCMZQrR2wXBsd9pSRROS46ZNsHVS6GW4qP8xHUcJruxw_WdY2BR8iefiEiqF98Bd1T6i4IiwEElwQJhnFBS07SpZGVrWjKvVhWOk5-s6nWrtz69Ef8jXOA6GieNGsYIdJ29i5f22Yx6KMIcW8EDr03Q4jRukd0yBoFN_1Nsfxhz0pDvlJswdMJ-mc1652GU1_N08x1uJ9GXVn-qC9Ye2bk-kOS3fbq-53rDZRisxEopo0xeXU0r_PkR04nwF0UU70686cSXjNyfY0bYVZFWxIIRPuHN2YDq2gfFcCeqyuzZk7s2_jI83wHvMIN1IM4nx5xq12Bfa0bxGznHoFyNWjqegEUft1kcG2GN1mFPAD6UhNQA9av-J9mPGdVZX0H8Ewk9D_JSECZ0ik9lBbZXUt0IlWAvkFNk-dgHt8-8CtgMo1VJTafgcIrlxmxehi--mdskaoMW7twdhBl-72UNExNgv4QdUlgVtBsrbwSxxx1AqLOR0inz_1lfiREr8hHmUpI6u4i-_JQ5KG9ztbAx-VLMlM-LSZ93J3gEGCbe1zd04PDDSAtv_E5UXny4gPIIIr1D75UYe94KfUqTGStQnYkMXc1uOqPOP6M0u_OS5zs7I8KpPae5hiXNue47T2grTasObz4TIO9RE5ars0iuktnNgSnsdQmC7Gu-79KLmHwhMER9k5bVQzLvJOj4_rYjg-iLO3IMfIbSAVHfOPMO1cqisWV4Buvs8mXDF5ozg4zrIF7_gC9dVvUlBrXnh50vJLT6e_fvIl5q3zKH1elBCkSBnEMj1ik65aDFl2Cki9oPr5vVGgm6Jtm1jOuQPJnpJFDPysoTJFBcYRKn8Z6ngwfaAn1QyhoheMzHdhnTV3p1HrisjmyjAS5I0Biqn8MV2fQ6R-kCtq__poDMurt_4Zi8BFxxbEOsbIpFZKilcDifbWpfzPBJwCLim9qxJjn3gx_xR7hyIBJMJf7fN5v7oHloAIwtbOQNrmKVOWsRogsFxWsD1QogP9shwO2eBd4o2oo921_tPNObg9JgGwGIVT4wefiy-IBQ9Ct8EqGnG3SOh6LwLLv_BS4zKQN_GIIIt5-5O9hek15S9gatha4CGGiV0ZPzMUrOwf9B4JYJJBsN21Eu4DQipZUb6_v2gmJuSKYpzvNf3gcwtCJZqMFMv7ioEApmK2973pRsPunyAuUKz7uin0B144XfsJjhFT-QH4vu74hN8dx2kOwF8VChBaapFOJt2YcI2IMouKotAzwqQpwMbV3HAwC3oTaLq40zd1XlCQxM8ZTBZ4I5tUlu4xYnXpTcOJlNBfmWw5LyVWuUmFXBJNKTbUrgUkS69xc1sp2wt8IpCe3t6Y7G2EiMnAdRDRBdgDQAE6nrw60U9peqSFxhQ2cp_EkGXGcgUzGRmpKLB8cNJAcmD2i3RTmFjZajrPHNjVVTDBOT24XTlWsLTwjGduAW3Pc3MqP0euBSnJLD4UMdPSqTn-whKhF4X_m3o2fMcajEiSZhbuwEavQ1SzdG79-FLmEJ4QhuD3_31_dCUD5M_nRVtBeqaqGyiq4dYYrIIsz2WNBy3Y3VVwCgX-dB_aWL4peRHVPxjzgrlorXhDqhVpvrQc4YEiIokWKPy3yH40k41XAnvCsuMW4XH-15M1C9Mm60-fOA9V8o8IYk_FQRJq7l1QwjF2WdQ8gX5U6UuYzLOzB5EW74wt5pJZTFOoZy_nraOgh86m5avrLCanp6V_NgAMGJbSuJkhDVbljw247blMB895mu-4eIccLQ45XPzY5oUgsixLtTKMGbAahsrqG80hOdZeGYmqycJ3hnDQe1Pc9aCZkgImMGRmEr-_329TeFf2_roMM2YvnnSa5hZwnVMxZC4CUJzC5MfLQK6VDwd9xsLVFKZY28MQOv5mQUhXD-FP1cW8BvsAjFMMPhhhRNz0jgvbNe7DWlO-dfi4TSIVhvMvXClX9ADZUv7b9JrCqnSg80amiQwCHUClfohCDEAaTi2o0KH7dR0ksJGcGxdlZRg3iRLvcVh7g742UIx7tOxnAbR9eehoBYSR8BlUneuGjGrG_bnbCD5dR_63qyRYsHmbZWKs6eUrcDoj8zBZ7KfSynDxehPudHGY75AAxUT_Z-QP54IWOe56yLI2HXSXpxJviUZ6y-ldJH3gyij_LNJsBJJd2BL8HNogQJXlC2eSFYLTHHIfvS9ym89RadN5Jq2PEG06mrPIo8vev8cME9KI1tsh4vMOmOPcjkaSpnEM0svhZgPojl0hB1A7kCbTmjYwPORl9JFnJXQU72W06AcNpsgk9ToL7ugxnQqE2i4qLnVJK_kiENUI0GicRhSY9fAtRI0qXBPqbjOeTpnURYmqYLwcZUhcN3_yBidiAzvh8i3rK-wsdmumBbg3KCZNUuVLHnl_CAzAmMLjRcWfFxlBfGiMXI1ogCf5bjILxCiCcN7iczXVafqvfQgmwVdohdKt7rKEwVCyouDQsHBil2ixW1RjzDsWFeU0WTCGkeBiQyxlC79mbkv7vvxOKY4PdNhFwP7nviFrEAsx3dhWm-Gbe2p-mSbjz-ox8gGx_7oc_GRdT6qMLRW04i6virLdIPo_tXsiHsJvPvv4f3d-hFIMKhA3CBBrRyXTtRK28mSKAQGxtGeYqauNmmZTCdQqjy8ra7Rs3DQbkXB9AtATWYmuEIDslpfmEs6uXiXCJEabHDecgd9AKV7hh6HjLi2-fDZz6-gL7P9NFvXdYp6CONol8-9knHgyO1j2N8_zevo3ZxYR6kCKkBvtSIi-3_JndF_P4SZ-5--dSSzqM-iz0M44PfTe2WjFFZqsBD_71Jtr2djTsKMW4ipl3D2HPwTtJ8hQoZrC0dMhAdh0-YhwL-sOGJYadkZdIK1jVcxYm95eiVddC4NfYQgZ-HcnC3xpybcf98mn23rcJN8-2iuKyBC5k9jzSyvQhMB8v2zF9VmgqizVgXLUjwqQQSCaeykXObbwbEUZ9CtlblBk2_pxSmLX__u_8pAXnDBbGOhl2YK440JRdM-LC1bPmIwi2dlTa2vRjrvejYRISmJr800kylDNM8&cid=CAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftwire.gg%2F&ds=l&xdt=1&iif=1&cor=18323929860426938000&adk=2857193498&idt=151&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
365234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTk2MDI4NTczNzA1MAogIHNlcnZlcl9pcDogMTM0MDU4ODA2CiAgcHJvY2Vzc19pZDogMzM4OTI3NTEzNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame BA1C 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5OTk2MDI4NTczNzA1MAogIHNlcnZlcl9pcDogMTM0MDU4ODA2CiAgcHJvY2Vzc19pZDogMzM4OTI3NTEzNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA0NjgyNjc0Nzg4MTE4NTc2NjQ3CmRlYnVnX2tleTogNDgwMDgwNTUxNjIxNzk1Njk4OQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMTQiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NDg0OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA2OTY5CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x44783f23fc739bf0000000000000000","13":"0x156a472f9668a48c0000000000000000","14":"0xb379ad9100501ee70000000000000000","15":"0xaa9874fef5177f0000000000000000"},"debug_key":"4800805516217956989","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"4682674788118576647"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5zyrr3xpcfb3
hal9000.redintelligence.net/zone/ Frame BA1C 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5zyrr3xpcfb3?subid=&gdpr=&gdpr_consent=&rnd=1699960284896008&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyMu53FVTZYjYNs3TgAfW6qyoD6blvaBpnZecp8kP8C4QASDln-4sYJWKiY6wB8gBCakCqyTXQ4zxsT6oAwHIA5sEqgSSAk_QID2fKw7t-zy5mTzT3o3kz6e4ZPjwo4veZYjWvl7K-cL4Yut5nxZCVCBs5gLSbTiAHIAUIfDPnPwB0PhdBIPAnTmCohNY_-khp9l9Cip_JCni4blk3cqO_2dlFUbuKE8pFzkV-6NaQlUrWdwqFCPZJkeNzbONbx5NarNM05G5hoMQ9qgm2sh8rHKgo4fXA99CGfEOo-aW_fTsZBYxBqP-XjiPlhW17GzDuVL5Sr7f6hjb3SuCupEZc3Aa0fzN9RoG7pGqbNRxbmxd52oJ-89Gxwn1IkgebYHOBlfU5ocH7MxwYPsY__Wlc5rtXVvp2B9zn1gPkrhCntMqAswjw4XVuWQ8Mru4fcdAH3CCWjp6lFTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjq_KXHrcOCAxXNKeAKHVY1C_WwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB%26sig%3DAOD64_3bVWjJWL5iGyXbEds_5rcbfqEtwA%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DU0JzzV6e-88SRLt5uI9Zt9GymUR0nOuS1b7p7TJ_oHC3wpKjnrA_lliKuqHQcIMmcCpwdHGj6AgOtMhVZTJMuCcyghZYNBkmhjflxGLHqh1sTizsorSfdS2vtOjdWFOvX2Quk7JxclAokz50-ICjMaHirHs7E18oruW-cG2aPDDjNZ2U%26cry%3D1%26dbm_d%3DAKAmf-DjbGthtoIVxQ6_x69oKpzzx4g5EO0fhGfEwqwfvO7e5lKdYBlyefgLZ6QZ7owqBzLdtLB2wjZZYubEb1aw2SVrqTcagi9GtpvvvoV12hJBBYRuP0sHGwy2vfGzM9hU8N5EfUS8UYOd6-dLPHI88u1Ypgz6xo84zCmPZG0xRfhqlo1yVeUTeRy0Qs4TsJaKTyyEhuN1IK6Xfl83BJG_9o-1gbeF7oNzwJ2W9YIrQ-fRixV8XdQDAPBZwVgjwTdV-EAzk2_8zsQWH2eFG_gtoHhHBqI5bOjN885cPg7t8M6Re47EyOMkwDtSGE2L0jmL9rIAzIK3qaL5-DY2yg7q5FuAZXk_X5GkmfbGtlHgtX88XyCKID-GHzycIzAv73uZFa75Q8K9a6BqkP9aXgxZFCSZf7S7jFyI4DsouqGVEI4gxH9J885wUxxLEz9pP8aFjVnV5Z6D4ee34lSyNy-xdDKWsBSWSFkgvp57aLzNlpC2EWJN4392sIYxT0q0X2SYZqFNDeqfkU6reRoJNsSvp14WcJcwDq3_1c3EYhb8azZlP7hspcw%26adurl%3D
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5123aab7250c4951322ed4f6439a673c9610ebeccc393fbe28e06b10c03b58c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4228
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D1AC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
470963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B1B6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
470963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 00:22:02 GMT
expires
Fri, 08 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame ED89 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
4472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 09:56:53 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame D1AC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
4472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 09:56:53 GMT
request.php
hal900012.redintelligence.net/ Frame BA1C
Redirect Chain
  • https://hal900012.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d5994fa0e5&subid=&uid=ccad0bfc9a07019b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900012.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d5994fa0e5&subid=&uid=ccad0bfc9a07019b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d5994fa0e5&subid=&uid=ccad0bfc9a07019b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyMu53FVTZYjYNs3TgAfW6qyoD6blvaBpnZecp8kP8C4QASDln-4sYJWKiY6wB8gBCakCqyTXQ4zxsT6oAwHIA5sEqgSSAk_QID2fKw7t-zy5mTzT3o3kz6e4ZPjwo4veZYjWvl7K-cL4Yut5nxZCVCBs5gLSbTiAHIAUIfDPnPwB0PhdBIPAnTmCohNY_-khp9l9Cip_JCni4blk3cqO_2dlFUbuKE8pFzkV-6NaQlUrWdwqFCPZJkeNzbONbx5NarNM05G5hoMQ9qgm2sh8rHKgo4fXA99CGfEOo-aW_fTsZBYxBqP-XjiPlhW17GzDuVL5Sr7f6hjb3SuCupEZc3Aa0fzN9RoG7pGqbNRxbmxd52oJ-89Gxwn1IkgebYHOBlfU5ocH7MxwYPsY__Wlc5rtXVvp2B9zn1gPkrhCntMqAswjw4XVuWQ8Mru4fcdAH3CCWjp6lFTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjq_KXHrcOCAxXNKeAKHVY1C_WwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB%26sig%3DAOD64_3bVWjJWL5iGyXbEds_5rcbfqEtwA%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DU0JzzV6e-88SRLt5uI9Zt9GymUR0nOuS1b7p7TJ_oHC3wpKjnrA_lliKuqHQcIMmcCpwdHGj6AgOtMhVZTJMuCcyghZYNBkmhjflxGLHqh1sTizsorSfdS2vtOjdWFOvX2Quk7JxclAokz50-ICjMaHirHs7E18oruW-cG2aPDDjNZ2U%26cry%3D1%26dbm_d%3DAKAmf-DjbGthtoIVxQ6_x69oKpzzx4g5EO0fhGfEwqwfvO7e5lKdYBlyefgLZ6QZ7owqBzLdtLB2wjZZYubEb1aw2SVrqTcagi9GtpvvvoV12hJBBYRuP0sHGwy2vfGzM9hU8N5EfUS8UYOd6-dLPHI88u1Ypgz6xo84zCmPZG0xRfhqlo1yVeUTeRy0Qs4TsJaKTyyEhuN1IK6Xfl83BJG_9o-1gbeF7oNzwJ2W9YIrQ-fRixV8XdQDAPBZwVgjwTdV-EAzk2_8zsQWH2eFG_gtoHhHBqI5bOjN885cPg7t8M6Re47EyOMkwDtSGE2L0jmL9rIAzIK3qaL5-DY2yg7q5FuAZXk_X5GkmfbGtlHgtX88XyCKID-GHzycIzAv73uZFa75Q8K9a6BqkP9aXgxZFCSZf7S7jFyI4DsouqGVEI4gxH9J885wUxxLEz9pP8aFjVnV5Z6D4ee34lSyNy-xdDKWsBSWSFkgvp57aLzNlpC2EWJN4392sIYxT0q0X2SYZqFNDeqfkU6reRoJNsSvp14WcJcwDq3_1c3EYhb8azZlP7hspcw%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=1596918170643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
640f2390f889c1d688eb239b03e725c2ff07aaf0cf79db3725b70031986bb50b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
66239100049493304445002012508012
Connection
close
Content-Length
1325
Expires
Tue, 14 Nov 2023 11:11:25 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:25 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d5994fa0e5&subid=&uid=ccad0bfc9a07019b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyMu53FVTZYjYNs3TgAfW6qyoD6blvaBpnZecp8kP8C4QASDln-4sYJWKiY6wB8gBCakCqyTXQ4zxsT6oAwHIA5sEqgSSAk_QID2fKw7t-zy5mTzT3o3kz6e4ZPjwo4veZYjWvl7K-cL4Yut5nxZCVCBs5gLSbTiAHIAUIfDPnPwB0PhdBIPAnTmCohNY_-khp9l9Cip_JCni4blk3cqO_2dlFUbuKE8pFzkV-6NaQlUrWdwqFCPZJkeNzbONbx5NarNM05G5hoMQ9qgm2sh8rHKgo4fXA99CGfEOo-aW_fTsZBYxBqP-XjiPlhW17GzDuVL5Sr7f6hjb3SuCupEZc3Aa0fzN9RoG7pGqbNRxbmxd52oJ-89Gxwn1IkgebYHOBlfU5ocH7MxwYPsY__Wlc5rtXVvp2B9zn1gPkrhCntMqAswjw4XVuWQ8Mru4fcdAH3CCWjp6lFTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjq_KXHrcOCAxXNKeAKHVY1C_WwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB%26sig%3DAOD64_3bVWjJWL5iGyXbEds_5rcbfqEtwA%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DU0JzzV6e-88SRLt5uI9Zt9GymUR0nOuS1b7p7TJ_oHC3wpKjnrA_lliKuqHQcIMmcCpwdHGj6AgOtMhVZTJMuCcyghZYNBkmhjflxGLHqh1sTizsorSfdS2vtOjdWFOvX2Quk7JxclAokz50-ICjMaHirHs7E18oruW-cG2aPDDjNZ2U%26cry%3D1%26dbm_d%3DAKAmf-DjbGthtoIVxQ6_x69oKpzzx4g5EO0fhGfEwqwfvO7e5lKdYBlyefgLZ6QZ7owqBzLdtLB2wjZZYubEb1aw2SVrqTcagi9GtpvvvoV12hJBBYRuP0sHGwy2vfGzM9hU8N5EfUS8UYOd6-dLPHI88u1Ypgz6xo84zCmPZG0xRfhqlo1yVeUTeRy0Qs4TsJaKTyyEhuN1IK6Xfl83BJG_9o-1gbeF7oNzwJ2W9YIrQ-fRixV8XdQDAPBZwVgjwTdV-EAzk2_8zsQWH2eFG_gtoHhHBqI5bOjN885cPg7t8M6Re47EyOMkwDtSGE2L0jmL9rIAzIK3qaL5-DY2yg7q5FuAZXk_X5GkmfbGtlHgtX88XyCKID-GHzycIzAv73uZFa75Q8K9a6BqkP9aXgxZFCSZf7S7jFyI4DsouqGVEI4gxH9J885wUxxLEz9pP8aFjVnV5Z6D4ee34lSyNy-xdDKWsBSWSFkgvp57aLzNlpC2EWJN4392sIYxT0q0X2SYZqFNDeqfkU6reRoJNsSvp14WcJcwDq3_1c3EYhb8azZlP7hspcw%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=1596918170643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 14 Nov 2023 11:11:25 +0100
request.php
hal900028.redintelligence.net/ Frame 0F49
Redirect Chain
  • https://hal900028.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d510c1527b&subid=&uid=fc38f143b1162c35&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900028.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d510c1527b&subid=&uid=fc38f143b1162c35&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d510c1527b&subid=&uid=fc38f143b1162c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpRGl3FVTZZHsN_iU1PIP6IaB6AKm5b2gaZ2XnKfJD_AuEAEg5Z_uLGCViomOsAfIAQmpAnPLXgwK8rE-qAMByAObBKoEkwJP0MirW5SLarVim6tYcIltyxbCEJzjrrW83iH1gxjBaOBwvKzX7116a6e33ogPjLGZZeZ-wfj9BQ4-9YyDlm8K-F9_PqHvMd52qdkxtejCYV_plqBDagjYb2rYK2AHUBcX91s-Oj9A0uVX_4Mnh6C3gx7bw-_QLLAWwrR95JEg3Xmxyul0KiGYDYcFeulqvaZAWuWNLR1kBmecUKWIaFjXOeuiFO1xiEG9_NaUPmzCNXp7AzQXsTqudK4xPdMioN6ZdYqHt11AF7KpSHn-tKfMDk1LTj_Kg4JeIlOlZQpAR4-UI3aWS8z-bKD-i9UKtUEUq2QFIR3yfxJuH8NyMA28ELI6U_mZ8JAbW8nzlauHkBB2x8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlikrqbHrcOCA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJEReINEwjghKfHrcOCAxV4ClUIHWhDAC2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB%26sig%3DAOD64_1KE8npkfvS_Tdwd9NwD3phsqnGLQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-AKfF5dqx2bEVRVPVu2tRnQEGpJaQkbwOKf5k2_GB4vN4r-7PklsvdKqIr0gV3Y8H4WXQYhUf3T3DiYPoxydvA8jnjvTWM7XtiowG3V7STII8yx-Q7SewKKTM6WRa6MZiHplqTrPqV22SkgoR8XdE14bUlDCkB9PUgQwik3V2R1WhGLAio%26cry%3D1%26dbm_d%3DAKAmf-CrUNH-2zug5ethKVL2JZuSMEJ2WBp2ZhaFpcKFLPjv1q0yJY1LlRaJdzVizPwbp1f4iAkRdj-HLB5ZD9cGe0vCr7jsfaOJOLIxJmykYf-aqWBKsXmvl-0bi7Gj0gtESW9Qa570EK7qI34AQW6dt-9B9wj7fmrkQp7_9jidVjL0t62akLDeYYMzNYHhWlOY02gS2kG6tQocCKTFREkxTj2xOEZHgNgpG88eh1ChRxGboFEz1sxVOm0RiMfbaOKrOKUpJ7bZ2uOBhB4Q6ojPg2kNtv2IkMXNiqPHwHjkprBWyYYdiSKER8KqDwmNvCVCJCoaJqtLTgLTbceZBbLPwtFoRW7iQb1kc4LvJAReWzSHBCq8ZgZjZB_4yUcDRc-_nUxDkzoJMuEa_msmWNTZIs3isFy6ueHqjnSYJyykBb6NSwqkZnuASmXb9ym_EmEUwS1xi963W4rxNTDA5XjJ_ms150c5dtPRlNbSadY1g-DP9XTdbLLipbbAdCeZx5SzHvRao1TFZTyWoWqzEJ8lv2FN10OmE9E7V7W8NL8rpK-G-n3SJis%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=2925892071895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
ec2799d7c25cbe580baf949601bc59cedf304dcb03772e02fbb6f51080b150a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
28026600061237504445002012508028
Connection
close
Content-Length
1329
Expires
Tue, 14 Nov 2023 11:11:25 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:25 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d510c1527b&subid=&uid=fc38f143b1162c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpRGl3FVTZZHsN_iU1PIP6IaB6AKm5b2gaZ2XnKfJD_AuEAEg5Z_uLGCViomOsAfIAQmpAnPLXgwK8rE-qAMByAObBKoEkwJP0MirW5SLarVim6tYcIltyxbCEJzjrrW83iH1gxjBaOBwvKzX7116a6e33ogPjLGZZeZ-wfj9BQ4-9YyDlm8K-F9_PqHvMd52qdkxtejCYV_plqBDagjYb2rYK2AHUBcX91s-Oj9A0uVX_4Mnh6C3gx7bw-_QLLAWwrR95JEg3Xmxyul0KiGYDYcFeulqvaZAWuWNLR1kBmecUKWIaFjXOeuiFO1xiEG9_NaUPmzCNXp7AzQXsTqudK4xPdMioN6ZdYqHt11AF7KpSHn-tKfMDk1LTj_Kg4JeIlOlZQpAR4-UI3aWS8z-bKD-i9UKtUEUq2QFIR3yfxJuH8NyMA28ELI6U_mZ8JAbW8nzlauHkBB2x8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlikrqbHrcOCA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJEReINEwjghKfHrcOCAxV4ClUIHWhDAC2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB%26sig%3DAOD64_1KE8npkfvS_Tdwd9NwD3phsqnGLQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-AKfF5dqx2bEVRVPVu2tRnQEGpJaQkbwOKf5k2_GB4vN4r-7PklsvdKqIr0gV3Y8H4WXQYhUf3T3DiYPoxydvA8jnjvTWM7XtiowG3V7STII8yx-Q7SewKKTM6WRa6MZiHplqTrPqV22SkgoR8XdE14bUlDCkB9PUgQwik3V2R1WhGLAio%26cry%3D1%26dbm_d%3DAKAmf-CrUNH-2zug5ethKVL2JZuSMEJ2WBp2ZhaFpcKFLPjv1q0yJY1LlRaJdzVizPwbp1f4iAkRdj-HLB5ZD9cGe0vCr7jsfaOJOLIxJmykYf-aqWBKsXmvl-0bi7Gj0gtESW9Qa570EK7qI34AQW6dt-9B9wj7fmrkQp7_9jidVjL0t62akLDeYYMzNYHhWlOY02gS2kG6tQocCKTFREkxTj2xOEZHgNgpG88eh1ChRxGboFEz1sxVOm0RiMfbaOKrOKUpJ7bZ2uOBhB4Q6ojPg2kNtv2IkMXNiqPHwHjkprBWyYYdiSKER8KqDwmNvCVCJCoaJqtLTgLTbceZBbLPwtFoRW7iQb1kc4LvJAReWzSHBCq8ZgZjZB_4yUcDRc-_nUxDkzoJMuEa_msmWNTZIs3isFy6ueHqjnSYJyykBb6NSwqkZnuASmXb9ym_EmEUwS1xi963W4rxNTDA5XjJ_ms150c5dtPRlNbSadY1g-DP9XTdbLLipbbAdCeZx5SzHvRao1TFZTyWoWqzEJ8lv2FN10OmE9E7V7W8NL8rpK-G-n3SJis%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=2925892071895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 14 Nov 2023 11:11:25 +0100
request.php
hal900018.redintelligence.net/ Frame 7CDB
Redirect Chain
  • https://hal900018.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900018.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLf733FVTZYzdNY7XgAepuIZopuW9oGmdl5ynyQ_wLhABIOWf7ixglYqJjrAHyAEJqQJzy14MCvKxPqgDAcgDmwSqBJMCT9D9NWVYaJS-x6lxfSZMMaIrgzDgB3p0tgC5a80aLpKlha8XpbaAVR1zsAQtovZngr6uCmeCaxWySj3Z_bDAAi45k66GmLZ4KKizgwi99S8HN0XCilnopENruhGN9U-Q4xB3NACl9VuS0RiYtEKyC5aP5gRcQOQGDzchjJ8IB1L8jqvRRE7JGzMQsxMzAWcXO-K3zHwzNEGhcjMf0mEIX77VDHxtolEkqc3iAPwm8fPsLIwG6JhgpdfPj-yh2tCofv_VoEd6WMasC5JISYFE6Upflm423W5m0J8TmVZL0BGjMThl-saaJbeP4InQIVTbf3N9Mg3w8zkd-MuqQYlBPsQK81y91l_DIB3hZp2JfNvtpfrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIi6ilx63DggMVjivgCh0pnAENsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB%26sig%3DAOD64_3ms2PEbB1JIjtfV1zZB3HT11unqg%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-Boyc4ssyouytgNw2_jP9mzRV8dqDf1dFLTK7_S4Hs0Sg5tgexfCtv8F14YSx6TpEd2Xxi7DL1R9-jzCXWz4s7974NvaD3-siontYBNA7iILr4H5SLAAMLg93dW5Yw6axAK77ZpxP7n4U6S8-2dq3juJYtyMMgtTzbHglL9wuLda-pOIZ4%26cry%3D1%26dbm_d%3DAKAmf-DuHXVx2cRuRRX-urWcHEIfrL072f05il0sNIoR8XBIZ4Zq8ltczojhHrU3yK1YIUkqxzEObpnZ28If-r2q6qqBWioBhHruD50g1U-oRjSZ6KIK3hK_ZV82u3CR4jcnFrZjw-3ZKqBFhgWrCHhac4BQLGlrqYT2VTbMt8bESuov-jdq6FVUVi_VLiEPB8bqZX6uTm3cuI_qS1mk2asFdpxno3_GBKlB3MBdBPa6XeIuNraJ7EzFL1YggGZ_RG4vF7YG90o5QuNXGxu-dXYu5sg_-wQGUHqzs8-veKaiCoktCQ-cdGu-l8FW7CBtmJ9bSlTIOKgdGac90U_y4T3l35nBbELlAJcQqWb7HdmAvOVG7uojcKY8CAqrC0HY1KXmBwN5uG2xGOW6h7TZPxbS78BUx6qwlpB_7YsoNQF1Bo1FZMZXWw7omv5jqxdPoRaJbDYCn6fg3geSUHR17shlNuowGf-cUck5DEyyOkTBNTUc3XcPLFmH__JA7Pg1vXvsbTf_zHUa1hCBtkSf-q1kyjC_z3qILzFAMOKocqGa34b_1AbgPgk%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=4466324791177&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
f58fb4bb88b3915de9beb9c279f83e8dddb03ea0f2cfb3294abb73f72f1d2fb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
48734300048605804445002012508018
Connection
close
Content-Length
1351
Expires
Tue, 14 Nov 2023 11:11:25 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:25 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLf733FVTZYzdNY7XgAepuIZopuW9oGmdl5ynyQ_wLhABIOWf7ixglYqJjrAHyAEJqQJzy14MCvKxPqgDAcgDmwSqBJMCT9D9NWVYaJS-x6lxfSZMMaIrgzDgB3p0tgC5a80aLpKlha8XpbaAVR1zsAQtovZngr6uCmeCaxWySj3Z_bDAAi45k66GmLZ4KKizgwi99S8HN0XCilnopENruhGN9U-Q4xB3NACl9VuS0RiYtEKyC5aP5gRcQOQGDzchjJ8IB1L8jqvRRE7JGzMQsxMzAWcXO-K3zHwzNEGhcjMf0mEIX77VDHxtolEkqc3iAPwm8fPsLIwG6JhgpdfPj-yh2tCofv_VoEd6WMasC5JISYFE6Upflm423W5m0J8TmVZL0BGjMThl-saaJbeP4InQIVTbf3N9Mg3w8zkd-MuqQYlBPsQK81y91l_DIB3hZp2JfNvtpfrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIi6ilx63DggMVjivgCh0pnAENsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB%26sig%3DAOD64_3ms2PEbB1JIjtfV1zZB3HT11unqg%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-Boyc4ssyouytgNw2_jP9mzRV8dqDf1dFLTK7_S4Hs0Sg5tgexfCtv8F14YSx6TpEd2Xxi7DL1R9-jzCXWz4s7974NvaD3-siontYBNA7iILr4H5SLAAMLg93dW5Yw6axAK77ZpxP7n4U6S8-2dq3juJYtyMMgtTzbHglL9wuLda-pOIZ4%26cry%3D1%26dbm_d%3DAKAmf-DuHXVx2cRuRRX-urWcHEIfrL072f05il0sNIoR8XBIZ4Zq8ltczojhHrU3yK1YIUkqxzEObpnZ28If-r2q6qqBWioBhHruD50g1U-oRjSZ6KIK3hK_ZV82u3CR4jcnFrZjw-3ZKqBFhgWrCHhac4BQLGlrqYT2VTbMt8bESuov-jdq6FVUVi_VLiEPB8bqZX6uTm3cuI_qS1mk2asFdpxno3_GBKlB3MBdBPa6XeIuNraJ7EzFL1YggGZ_RG4vF7YG90o5QuNXGxu-dXYu5sg_-wQGUHqzs8-veKaiCoktCQ-cdGu-l8FW7CBtmJ9bSlTIOKgdGac90U_y4T3l35nBbELlAJcQqWb7HdmAvOVG7uojcKY8CAqrC0HY1KXmBwN5uG2xGOW6h7TZPxbS78BUx6qwlpB_7YsoNQF1Bo1FZMZXWw7omv5jqxdPoRaJbDYCn6fg3geSUHR17shlNuowGf-cUck5DEyyOkTBNTUc3XcPLFmH__JA7Pg1vXvsbTf_zHUa1hCBtkSf-q1kyjC_z3qILzFAMOKocqGa34b_1AbgPgk%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=4466324791177&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 14 Nov 2023 11:11:25 +0100
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame B1B6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
4472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 09:56:53 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
b63402b63b0f1d97b0dc728f332ebcbf65d4ecbb5c9a5b6be9196b8ca522a184
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Nov 2023 11:11:26 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 KB
1010 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageReferrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2eebd4e0a1d80c6d521227b9f99c408ffa16a183db47b24f051f88d3a1f86c69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.4
x-kong-proxy-latency
0
x-kong-upstream-latency
282
content-length
593
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
9ce13703e8a31da725f88193a9b237d35ae862540597827cfbe1c9ad6f343ce8

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAID4GW
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
de9b62b760530dc781e3103ddf5a09364428ee54977ca1bf4d5eb072bd3f0759

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:25 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:26 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=30220e26914430f2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21596032397908504
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d6232605f22072fbbf84e563cdbc237ce1749de1eb470c38912cbaeab09b32f9

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=30351f84a4a1b695&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2932335982641945
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5777efb24d4cd52355d2028d75a7125059ec35721e781c2727235ed45652bd6b

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=3044c17d07a1b977&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8222140884697
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d52ab65b92d5ec616358b8a10ec7f6b49375a3bac3092ef6e37eaa2c31210012

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FInContent&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=30563e464fc17e05&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F339474670%2C22606297850%2FTwire%2FInContent&slots=1&rand=0.15140792712762008
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7adbf6e90d18c59cd6b68f077cc05b99cb44d953e336fd1400a39630e2e92e48

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		476 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e2402aec976949125b1b857deaf2b92012c2dafe84072802b57b0b3d271c17e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
an-x-request-uuid
a07b249b-9ff5-495a-9b31-44c7cda16368
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
476
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 14 Nov 2023 11:11:25 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bid
ap.lijit.com/rtb/ 		25 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.6.0-pre
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
81359b742e424c97705d13f749a41c6c615e0cc946aa1cff2bf1a15fe470b434

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://twire.gg
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
auction
tlx.3lift.com/header/ 		19 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0-pre&referrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tmax=1300
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.231.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-231-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
accept-ch
sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
ssc.33across.com/api/v1/ 		67 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
6ea5b4f5dceb524731d6afad4deeea3868c8e9ae8c21ad31281a0b799a7eb978

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
6ea5b4f5dceb524731d6afad4deeea3868c8e9ae8c21ad31281a0b799a7eb978

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
6ea5b4f5dceb524731d6afad4deeea3868c8e9ae8c21ad31281a0b799a7eb978

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
6ea5b4f5dceb524731d6afad4deeea3868c8e9ae8c21ad31281a0b799a7eb978

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=940671
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e858dc102d86f45bb54d1157e73c05f8e7a49b5f17b58fdf57e23d65d8518593

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gB4eYhfHaciLEQnYMoIJTqUSxM24Km5oTNErz0owHJsoiOB8lHwa3zNG7id5wcLT3VuEhD6C%2BRLuuM36EIDSuGCofTMvPUQSdiatDyAuQIyBi33cjV%2B7kxGqiKFRN%2FMZEXw300%2FY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
825ed04bb8a82c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
cdb
bidder.criteo.com/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0-pre&cb=37786399494&lsavail=0
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:25 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
img.fetch
udmserve.net/udm/ 		0
0
view.aspx
pb.media01.eu/ Frame 7977
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=28026600061237504445002012508028&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28026600061237504445002012508028&actionid=879111&produktid=ratenkredit&dt_url=
0
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28026600061237504445002012508028&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d510c1527b&subid=&uid=fc38f143b1162c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpRGl3FVTZZHsN_iU1PIP6IaB6AKm5b2gaZ2XnKfJD_AuEAEg5Z_uLGCViomOsAfIAQmpAnPLXgwK8rE-qAMByAObBKoEkwJP0MirW5SLarVim6tYcIltyxbCEJzjrrW83iH1gxjBaOBwvKzX7116a6e33ogPjLGZZeZ-wfj9BQ4-9YyDlm8K-F9_PqHvMd52qdkxtejCYV_plqBDagjYb2rYK2AHUBcX91s-Oj9A0uVX_4Mnh6C3gx7bw-_QLLAWwrR95JEg3Xmxyul0KiGYDYcFeulqvaZAWuWNLR1kBmecUKWIaFjXOeuiFO1xiEG9_NaUPmzCNXp7AzQXsTqudK4xPdMioN6ZdYqHt11AF7KpSHn-tKfMDk1LTj_Kg4JeIlOlZQpAR4-UI3aWS8z-bKD-i9UKtUEUq2QFIR3yfxJuH8NyMA28ELI6U_mZ8JAbW8nzlauHkBB2x8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlikrqbHrcOCA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJEReINEwjghKfHrcOCAxV4ClUIHWhDAC2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB%26sig%3DAOD64_1KE8npkfvS_Tdwd9NwD3phsqnGLQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-AKfF5dqx2bEVRVPVu2tRnQEGpJaQkbwOKf5k2_GB4vN4r-7PklsvdKqIr0gV3Y8H4WXQYhUf3T3DiYPoxydvA8jnjvTWM7XtiowG3V7STII8yx-Q7SewKKTM6WRa6MZiHplqTrPqV22SkgoR8XdE14bUlDCkB9PUgQwik3V2R1WhGLAio%26cry%3D1%26dbm_d%3DAKAmf-CrUNH-2zug5ethKVL2JZuSMEJ2WBp2ZhaFpcKFLPjv1q0yJY1LlRaJdzVizPwbp1f4iAkRdj-HLB5ZD9cGe0vCr7jsfaOJOLIxJmykYf-aqWBKsXmvl-0bi7Gj0gtESW9Qa570EK7qI34AQW6dt-9B9wj7fmrkQp7_9jidVjL0t62akLDeYYMzNYHhWlOY02gS2kG6tQocCKTFREkxTj2xOEZHgNgpG88eh1ChRxGboFEz1sxVOm0RiMfbaOKrOKUpJ7bZ2uOBhB4Q6ojPg2kNtv2IkMXNiqPHwHjkprBWyYYdiSKER8KqDwmNvCVCJCoaJqtLTgLTbceZBbLPwtFoRW7iQb1kc4LvJAReWzSHBCq8ZgZjZB_4yUcDRc-_nUxDkzoJMuEa_msmWNTZIs3isFy6ueHqjnSYJyykBb6NSwqkZnuASmXb9ym_EmEUwS1xi963W4rxNTDA5XjJ_ms150c5dtPRlNbSadY1g-DP9XTdbLLipbbAdCeZx5SzHvRao1TFZTyWoWqzEJ8lv2FN10OmE9E7V7W8NL8rpK-G-n3SJis%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=2925892071895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 11:11:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 14 Nov 2023 12:11:26 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript
date
Tue, 14 Nov 2023 11:11:26 GMT
host
pv.medialead.de
keep-alive
timeout=20
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=28026600061237504445002012508028&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host
pv.medialead.de
server
nginx/1.17.5
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40027
x-iplb-request-id
B2A2D18B:C2A6_91EFC182:01BB_655355DE_43B1CB5:1E878
/
adv.office-partner.de/ Frame 662C 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d510c1527b&subid=&uid=fc38f143b1162c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpRGl3FVTZZHsN_iU1PIP6IaB6AKm5b2gaZ2XnKfJD_AuEAEg5Z_uLGCViomOsAfIAQmpAnPLXgwK8rE-qAMByAObBKoEkwJP0MirW5SLarVim6tYcIltyxbCEJzjrrW83iH1gxjBaOBwvKzX7116a6e33ogPjLGZZeZ-wfj9BQ4-9YyDlm8K-F9_PqHvMd52qdkxtejCYV_plqBDagjYb2rYK2AHUBcX91s-Oj9A0uVX_4Mnh6C3gx7bw-_QLLAWwrR95JEg3Xmxyul0KiGYDYcFeulqvaZAWuWNLR1kBmecUKWIaFjXOeuiFO1xiEG9_NaUPmzCNXp7AzQXsTqudK4xPdMioN6ZdYqHt11AF7KpSHn-tKfMDk1LTj_Kg4JeIlOlZQpAR4-UI3aWS8z-bKD-i9UKtUEUq2QFIR3yfxJuH8NyMA28ELI6U_mZ8JAbW8nzlauHkBB2x8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlikrqbHrcOCA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJEReINEwjghKfHrcOCAxV4ClUIHWhDAC2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB%26sig%3DAOD64_1KE8npkfvS_Tdwd9NwD3phsqnGLQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-AKfF5dqx2bEVRVPVu2tRnQEGpJaQkbwOKf5k2_GB4vN4r-7PklsvdKqIr0gV3Y8H4WXQYhUf3T3DiYPoxydvA8jnjvTWM7XtiowG3V7STII8yx-Q7SewKKTM6WRa6MZiHplqTrPqV22SkgoR8XdE14bUlDCkB9PUgQwik3V2R1WhGLAio%26cry%3D1%26dbm_d%3DAKAmf-CrUNH-2zug5ethKVL2JZuSMEJ2WBp2ZhaFpcKFLPjv1q0yJY1LlRaJdzVizPwbp1f4iAkRdj-HLB5ZD9cGe0vCr7jsfaOJOLIxJmykYf-aqWBKsXmvl-0bi7Gj0gtESW9Qa570EK7qI34AQW6dt-9B9wj7fmrkQp7_9jidVjL0t62akLDeYYMzNYHhWlOY02gS2kG6tQocCKTFREkxTj2xOEZHgNgpG88eh1ChRxGboFEz1sxVOm0RiMfbaOKrOKUpJ7bZ2uOBhB4Q6ojPg2kNtv2IkMXNiqPHwHjkprBWyYYdiSKER8KqDwmNvCVCJCoaJqtLTgLTbceZBbLPwtFoRW7iQb1kc4LvJAReWzSHBCq8ZgZjZB_4yUcDRc-_nUxDkzoJMuEa_msmWNTZIs3isFy6ueHqjnSYJyykBb6NSwqkZnuASmXb9ym_EmEUwS1xi963W4rxNTDA5XjJ_ms150c5dtPRlNbSadY1g-DP9XTdbLLipbbAdCeZx5SzHvRao1TFZTyWoWqzEJ8lv2FN10OmE9E7V7W8NL8rpK-G-n3SJis%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=2925892071895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 14 Nov 2023 11:11:26 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 21 Nov 2023 11:11:26 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame 0F49 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=28026600061237504445002012508028&nw=1
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.237.35 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-237-35.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6c5267cd5adb0bbd6dded0996c8c34cd750122dafa137ff7949269e6505effc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
last-modified
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 14 Nov 2023 11:12:26 GMT
activityi;dc_pre=CO_b-Metw4IDFaHJOwId_v8PPw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969
5994599.fls.doubleclick.net/ Frame E4B5
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_b-Metw4IDFaHJOwId_v8PPw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969?
391 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_b-Metw4IDFaHJOwId_v8PPw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969?
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
bd55e4badcdc57f555d77a4c1ec0f7bf553397b6200b8e12ab5cba601c9bc320
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:26 GMT
expires
Tue, 14 Nov 2023 11:11:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_b-Metw4IDFaHJOwId_v8PPw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900028.redintelligence.net/ Frame 8C99 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d510c1527b&subid=&uid=fc38f143b1162c35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpRGl3FVTZZHsN_iU1PIP6IaB6AKm5b2gaZ2XnKfJD_AuEAEg5Z_uLGCViomOsAfIAQmpAnPLXgwK8rE-qAMByAObBKoEkwJP0MirW5SLarVim6tYcIltyxbCEJzjrrW83iH1gxjBaOBwvKzX7116a6e33ogPjLGZZeZ-wfj9BQ4-9YyDlm8K-F9_PqHvMd52qdkxtejCYV_plqBDagjYb2rYK2AHUBcX91s-Oj9A0uVX_4Mnh6C3gx7bw-_QLLAWwrR95JEg3Xmxyul0KiGYDYcFeulqvaZAWuWNLR1kBmecUKWIaFjXOeuiFO1xiEG9_NaUPmzCNXp7AzQXsTqudK4xPdMioN6ZdYqHt11AF7KpSHn-tKfMDk1LTj_Kg4JeIlOlZQpAR4-UI3aWS8z-bKD-i9UKtUEUq2QFIR3yfxJuH8NyMA28ELI6U_mZ8JAbW8nzlauHkBB2x8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlikrqbHrcOCA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJEReINEwjghKfHrcOCAxV4ClUIHWhDAC2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB%26sig%3DAOD64_1KE8npkfvS_Tdwd9NwD3phsqnGLQ%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-AKfF5dqx2bEVRVPVu2tRnQEGpJaQkbwOKf5k2_GB4vN4r-7PklsvdKqIr0gV3Y8H4WXQYhUf3T3DiYPoxydvA8jnjvTWM7XtiowG3V7STII8yx-Q7SewKKTM6WRa6MZiHplqTrPqV22SkgoR8XdE14bUlDCkB9PUgQwik3V2R1WhGLAio%26cry%3D1%26dbm_d%3DAKAmf-CrUNH-2zug5ethKVL2JZuSMEJ2WBp2ZhaFpcKFLPjv1q0yJY1LlRaJdzVizPwbp1f4iAkRdj-HLB5ZD9cGe0vCr7jsfaOJOLIxJmykYf-aqWBKsXmvl-0bi7Gj0gtESW9Qa570EK7qI34AQW6dt-9B9wj7fmrkQp7_9jidVjL0t62akLDeYYMzNYHhWlOY02gS2kG6tQocCKTFREkxTj2xOEZHgNgpG88eh1ChRxGboFEz1sxVOm0RiMfbaOKrOKUpJ7bZ2uOBhB4Q6ojPg2kNtv2IkMXNiqPHwHjkprBWyYYdiSKER8KqDwmNvCVCJCoaJqtLTgLTbceZBbLPwtFoRW7iQb1kc4LvJAReWzSHBCq8ZgZjZB_4yUcDRc-_nUxDkzoJMuEa_msmWNTZIs3isFy6ueHqjnSYJyykBb6NSwqkZnuASmXb9ym_EmEUwS1xi963W4rxNTDA5XjJ_ms150c5dtPRlNbSadY1g-DP9XTdbLLipbbAdCeZx5SzHvRao1TFZTyWoWqzEJ8lv2FN10OmE9E7V7W8NL8rpK-G-n3SJis%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=2925892071895&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
94116ffd05cb12fdef327ec8b10d68b48e1950c1bb61122aa53cf5b876714589

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2061
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Nov 2023 11:11:26 GMT
Expires
Tue, 14 Nov 2023 11:11:26 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 0F49
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28026600061237504445002012508028&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28026600061237504445002012508028&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28026600061237504445002012508028&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B2A2D18B:C2A8_91EFC182:01BB_655355DE_43FD325:1A429
x-iplb-instance
40028
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28026600061237504445002012508028&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx
content-length
154
content-type
text/html
cshow.php
www.awin1.com/ Frame 0F49 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=28026600061237504445002012508028&pv=1
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:26 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
view.aspx
pb.media01.eu/ Frame B6B8
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=48734300048605804445002012508018&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48734300048605804445002012508018&actionid=879111&produktid=ratenkredit&dt_url=
0
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48734300048605804445002012508018&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLf733FVTZYzdNY7XgAepuIZopuW9oGmdl5ynyQ_wLhABIOWf7ixglYqJjrAHyAEJqQJzy14MCvKxPqgDAcgDmwSqBJMCT9D9NWVYaJS-x6lxfSZMMaIrgzDgB3p0tgC5a80aLpKlha8XpbaAVR1zsAQtovZngr6uCmeCaxWySj3Z_bDAAi45k66GmLZ4KKizgwi99S8HN0XCilnopENruhGN9U-Q4xB3NACl9VuS0RiYtEKyC5aP5gRcQOQGDzchjJ8IB1L8jqvRRE7JGzMQsxMzAWcXO-K3zHwzNEGhcjMf0mEIX77VDHxtolEkqc3iAPwm8fPsLIwG6JhgpdfPj-yh2tCofv_VoEd6WMasC5JISYFE6Upflm423W5m0J8TmVZL0BGjMThl-saaJbeP4InQIVTbf3N9Mg3w8zkd-MuqQYlBPsQK81y91l_DIB3hZp2JfNvtpfrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIi6ilx63DggMVjivgCh0pnAENsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB%26sig%3DAOD64_3ms2PEbB1JIjtfV1zZB3HT11unqg%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-Boyc4ssyouytgNw2_jP9mzRV8dqDf1dFLTK7_S4Hs0Sg5tgexfCtv8F14YSx6TpEd2Xxi7DL1R9-jzCXWz4s7974NvaD3-siontYBNA7iILr4H5SLAAMLg93dW5Yw6axAK77ZpxP7n4U6S8-2dq3juJYtyMMgtTzbHglL9wuLda-pOIZ4%26cry%3D1%26dbm_d%3DAKAmf-DuHXVx2cRuRRX-urWcHEIfrL072f05il0sNIoR8XBIZ4Zq8ltczojhHrU3yK1YIUkqxzEObpnZ28If-r2q6qqBWioBhHruD50g1U-oRjSZ6KIK3hK_ZV82u3CR4jcnFrZjw-3ZKqBFhgWrCHhac4BQLGlrqYT2VTbMt8bESuov-jdq6FVUVi_VLiEPB8bqZX6uTm3cuI_qS1mk2asFdpxno3_GBKlB3MBdBPa6XeIuNraJ7EzFL1YggGZ_RG4vF7YG90o5QuNXGxu-dXYu5sg_-wQGUHqzs8-veKaiCoktCQ-cdGu-l8FW7CBtmJ9bSlTIOKgdGac90U_y4T3l35nBbELlAJcQqWb7HdmAvOVG7uojcKY8CAqrC0HY1KXmBwN5uG2xGOW6h7TZPxbS78BUx6qwlpB_7YsoNQF1Bo1FZMZXWw7omv5jqxdPoRaJbDYCn6fg3geSUHR17shlNuowGf-cUck5DEyyOkTBNTUc3XcPLFmH__JA7Pg1vXvsbTf_zHUa1hCBtkSf-q1kyjC_z3qILzFAMOKocqGa34b_1AbgPgk%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=4466324791177&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 11:11:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 14 Nov 2023 12:11:26 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript
date
Tue, 14 Nov 2023 11:11:26 GMT
host
pv.medialead.de
keep-alive
timeout=20
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48734300048605804445002012508018&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host
pv.medialead.de
server
nginx/1.17.5
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
B2A2D18B:C2A8_91EFC182:01BB_655355DE_43FD316:1A429
/
adv.office-partner.de/ Frame DA16 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLf733FVTZYzdNY7XgAepuIZopuW9oGmdl5ynyQ_wLhABIOWf7ixglYqJjrAHyAEJqQJzy14MCvKxPqgDAcgDmwSqBJMCT9D9NWVYaJS-x6lxfSZMMaIrgzDgB3p0tgC5a80aLpKlha8XpbaAVR1zsAQtovZngr6uCmeCaxWySj3Z_bDAAi45k66GmLZ4KKizgwi99S8HN0XCilnopENruhGN9U-Q4xB3NACl9VuS0RiYtEKyC5aP5gRcQOQGDzchjJ8IB1L8jqvRRE7JGzMQsxMzAWcXO-K3zHwzNEGhcjMf0mEIX77VDHxtolEkqc3iAPwm8fPsLIwG6JhgpdfPj-yh2tCofv_VoEd6WMasC5JISYFE6Upflm423W5m0J8TmVZL0BGjMThl-saaJbeP4InQIVTbf3N9Mg3w8zkd-MuqQYlBPsQK81y91l_DIB3hZp2JfNvtpfrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIi6ilx63DggMVjivgCh0pnAENsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB%26sig%3DAOD64_3ms2PEbB1JIjtfV1zZB3HT11unqg%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-Boyc4ssyouytgNw2_jP9mzRV8dqDf1dFLTK7_S4Hs0Sg5tgexfCtv8F14YSx6TpEd2Xxi7DL1R9-jzCXWz4s7974NvaD3-siontYBNA7iILr4H5SLAAMLg93dW5Yw6axAK77ZpxP7n4U6S8-2dq3juJYtyMMgtTzbHglL9wuLda-pOIZ4%26cry%3D1%26dbm_d%3DAKAmf-DuHXVx2cRuRRX-urWcHEIfrL072f05il0sNIoR8XBIZ4Zq8ltczojhHrU3yK1YIUkqxzEObpnZ28If-r2q6qqBWioBhHruD50g1U-oRjSZ6KIK3hK_ZV82u3CR4jcnFrZjw-3ZKqBFhgWrCHhac4BQLGlrqYT2VTbMt8bESuov-jdq6FVUVi_VLiEPB8bqZX6uTm3cuI_qS1mk2asFdpxno3_GBKlB3MBdBPa6XeIuNraJ7EzFL1YggGZ_RG4vF7YG90o5QuNXGxu-dXYu5sg_-wQGUHqzs8-veKaiCoktCQ-cdGu-l8FW7CBtmJ9bSlTIOKgdGac90U_y4T3l35nBbELlAJcQqWb7HdmAvOVG7uojcKY8CAqrC0HY1KXmBwN5uG2xGOW6h7TZPxbS78BUx6qwlpB_7YsoNQF1Bo1FZMZXWw7omv5jqxdPoRaJbDYCn6fg3geSUHR17shlNuowGf-cUck5DEyyOkTBNTUc3XcPLFmH__JA7Pg1vXvsbTf_zHUa1hCBtkSf-q1kyjC_z3qILzFAMOKocqGa34b_1AbgPgk%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=4466324791177&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 14 Nov 2023 11:11:26 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 21 Nov 2023 11:11:26 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
view.aspx
pb.media01.eu/ Frame 7CDB
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=48734300048605804445002012508018&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48734300048605804445002012508018&actionid=879111&produktid=ratenkredit&dt_url=
0
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48734300048605804445002012508018&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:25 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 14 Nov 2023 12:11:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 14 Nov 2023 11:11:26 GMT
strict-transport-security
max-age=15768000
x-iplb-instance
40028
content-length
0
proxy-host
pv.medialead.de
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B2A2D18B:C30A_91EFC182:01BB_655355DE_43FD31A:1A429
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48734300048605804445002012508018&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 7CDB 		43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=48734300048605804445002012508018&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLf733FVTZYzdNY7XgAepuIZopuW9oGmdl5ynyQ_wLhABIOWf7ixglYqJjrAHyAEJqQJzy14MCvKxPqgDAcgDmwSqBJMCT9D9NWVYaJS-x6lxfSZMMaIrgzDgB3p0tgC5a80aLpKlha8XpbaAVR1zsAQtovZngr6uCmeCaxWySj3Z_bDAAi45k66GmLZ4KKizgwi99S8HN0XCilnopENruhGN9U-Q4xB3NACl9VuS0RiYtEKyC5aP5gRcQOQGDzchjJ8IB1L8jqvRRE7JGzMQsxMzAWcXO-K3zHwzNEGhcjMf0mEIX77VDHxtolEkqc3iAPwm8fPsLIwG6JhgpdfPj-yh2tCofv_VoEd6WMasC5JISYFE6Upflm423W5m0J8TmVZL0BGjMThl-saaJbeP4InQIVTbf3N9Mg3w8zkd-MuqQYlBPsQK81y91l_DIB3hZp2JfNvtpfrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIi6ilx63DggMVjivgCh0pnAENsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB%26sig%3DAOD64_3ms2PEbB1JIjtfV1zZB3HT11unqg%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-Boyc4ssyouytgNw2_jP9mzRV8dqDf1dFLTK7_S4Hs0Sg5tgexfCtv8F14YSx6TpEd2Xxi7DL1R9-jzCXWz4s7974NvaD3-siontYBNA7iILr4H5SLAAMLg93dW5Yw6axAK77ZpxP7n4U6S8-2dq3juJYtyMMgtTzbHglL9wuLda-pOIZ4%26cry%3D1%26dbm_d%3DAKAmf-DuHXVx2cRuRRX-urWcHEIfrL072f05il0sNIoR8XBIZ4Zq8ltczojhHrU3yK1YIUkqxzEObpnZ28If-r2q6qqBWioBhHruD50g1U-oRjSZ6KIK3hK_ZV82u3CR4jcnFrZjw-3ZKqBFhgWrCHhac4BQLGlrqYT2VTbMt8bESuov-jdq6FVUVi_VLiEPB8bqZX6uTm3cuI_qS1mk2asFdpxno3_GBKlB3MBdBPa6XeIuNraJ7EzFL1YggGZ_RG4vF7YG90o5QuNXGxu-dXYu5sg_-wQGUHqzs8-veKaiCoktCQ-cdGu-l8FW7CBtmJ9bSlTIOKgdGac90U_y4T3l35nBbELlAJcQqWb7HdmAvOVG7uojcKY8CAqrC0HY1KXmBwN5uG2xGOW6h7TZPxbS78BUx6qwlpB_7YsoNQF1Bo1FZMZXWw7omv5jqxdPoRaJbDYCn6fg3geSUHR17shlNuowGf-cUck5DEyyOkTBNTUc3XcPLFmH__JA7Pg1vXvsbTf_zHUa1hCBtkSf-q1kyjC_z3qILzFAMOKocqGa34b_1AbgPgk%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=4466324791177&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B2A2D18B:C32C_91EFC182:01BB_655355DE_43FD31B:1A429
x-iplb-instance
40028
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
content-length
43
proxy-host
pv.medialead.de
cshow.php
www.awin1.com/ Frame 7CDB 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=48734300048605804445002012508018&pv=1
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=01658e19c1&subid=&uid=0e508188aba18ac7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLf733FVTZYzdNY7XgAepuIZopuW9oGmdl5ynyQ_wLhABIOWf7ixglYqJjrAHyAEJqQJzy14MCvKxPqgDAcgDmwSqBJMCT9D9NWVYaJS-x6lxfSZMMaIrgzDgB3p0tgC5a80aLpKlha8XpbaAVR1zsAQtovZngr6uCmeCaxWySj3Z_bDAAi45k66GmLZ4KKizgwi99S8HN0XCilnopENruhGN9U-Q4xB3NACl9VuS0RiYtEKyC5aP5gRcQOQGDzchjJ8IB1L8jqvRRE7JGzMQsxMzAWcXO-K3zHwzNEGhcjMf0mEIX77VDHxtolEkqc3iAPwm8fPsLIwG6JhgpdfPj-yh2tCofv_VoEd6WMasC5JISYFE6Upflm423W5m0J8TmVZL0BGjMThl-saaJbeP4InQIVTbf3N9Mg3w8zkd-MuqQYlBPsQK81y91l_DIB3hZp2JfNvtpfrABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREXiDRMIi6ilx63DggMVjivgCh0pnAENsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB%26sig%3DAOD64_3ms2PEbB1JIjtfV1zZB3HT11unqg%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-Boyc4ssyouytgNw2_jP9mzRV8dqDf1dFLTK7_S4Hs0Sg5tgexfCtv8F14YSx6TpEd2Xxi7DL1R9-jzCXWz4s7974NvaD3-siontYBNA7iILr4H5SLAAMLg93dW5Yw6axAK77ZpxP7n4U6S8-2dq3juJYtyMMgtTzbHglL9wuLda-pOIZ4%26cry%3D1%26dbm_d%3DAKAmf-DuHXVx2cRuRRX-urWcHEIfrL072f05il0sNIoR8XBIZ4Zq8ltczojhHrU3yK1YIUkqxzEObpnZ28If-r2q6qqBWioBhHruD50g1U-oRjSZ6KIK3hK_ZV82u3CR4jcnFrZjw-3ZKqBFhgWrCHhac4BQLGlrqYT2VTbMt8bESuov-jdq6FVUVi_VLiEPB8bqZX6uTm3cuI_qS1mk2asFdpxno3_GBKlB3MBdBPa6XeIuNraJ7EzFL1YggGZ_RG4vF7YG90o5QuNXGxu-dXYu5sg_-wQGUHqzs8-veKaiCoktCQ-cdGu-l8FW7CBtmJ9bSlTIOKgdGac90U_y4T3l35nBbELlAJcQqWb7HdmAvOVG7uojcKY8CAqrC0HY1KXmBwN5uG2xGOW6h7TZPxbS78BUx6qwlpB_7YsoNQF1Bo1FZMZXWw7omv5jqxdPoRaJbDYCn6fg3geSUHR17shlNuowGf-cUck5DEyyOkTBNTUc3XcPLFmH__JA7Pg1vXvsbTf_zHUa1hCBtkSf-q1kyjC_z3qILzFAMOKocqGa34b_1AbgPgk%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=4466324791177&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:26 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
view.aspx
pb.media01.eu/ Frame 1D0C
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=66239100049493304445002012508012&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=66239100049493304445002012508012&actionid=879111&produktid=ratenkredit&dt_url=
0
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=66239100049493304445002012508012&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d5994fa0e5&subid=&uid=ccad0bfc9a07019b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyMu53FVTZYjYNs3TgAfW6qyoD6blvaBpnZecp8kP8C4QASDln-4sYJWKiY6wB8gBCakCqyTXQ4zxsT6oAwHIA5sEqgSSAk_QID2fKw7t-zy5mTzT3o3kz6e4ZPjwo4veZYjWvl7K-cL4Yut5nxZCVCBs5gLSbTiAHIAUIfDPnPwB0PhdBIPAnTmCohNY_-khp9l9Cip_JCni4blk3cqO_2dlFUbuKE8pFzkV-6NaQlUrWdwqFCPZJkeNzbONbx5NarNM05G5hoMQ9qgm2sh8rHKgo4fXA99CGfEOo-aW_fTsZBYxBqP-XjiPlhW17GzDuVL5Sr7f6hjb3SuCupEZc3Aa0fzN9RoG7pGqbNRxbmxd52oJ-89Gxwn1IkgebYHOBlfU5ocH7MxwYPsY__Wlc5rtXVvp2B9zn1gPkrhCntMqAswjw4XVuWQ8Mru4fcdAH3CCWjp6lFTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjq_KXHrcOCAxXNKeAKHVY1C_WwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB%26sig%3DAOD64_3bVWjJWL5iGyXbEds_5rcbfqEtwA%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DU0JzzV6e-88SRLt5uI9Zt9GymUR0nOuS1b7p7TJ_oHC3wpKjnrA_lliKuqHQcIMmcCpwdHGj6AgOtMhVZTJMuCcyghZYNBkmhjflxGLHqh1sTizsorSfdS2vtOjdWFOvX2Quk7JxclAokz50-ICjMaHirHs7E18oruW-cG2aPDDjNZ2U%26cry%3D1%26dbm_d%3DAKAmf-DjbGthtoIVxQ6_x69oKpzzx4g5EO0fhGfEwqwfvO7e5lKdYBlyefgLZ6QZ7owqBzLdtLB2wjZZYubEb1aw2SVrqTcagi9GtpvvvoV12hJBBYRuP0sHGwy2vfGzM9hU8N5EfUS8UYOd6-dLPHI88u1Ypgz6xo84zCmPZG0xRfhqlo1yVeUTeRy0Qs4TsJaKTyyEhuN1IK6Xfl83BJG_9o-1gbeF7oNzwJ2W9YIrQ-fRixV8XdQDAPBZwVgjwTdV-EAzk2_8zsQWH2eFG_gtoHhHBqI5bOjN885cPg7t8M6Re47EyOMkwDtSGE2L0jmL9rIAzIK3qaL5-DY2yg7q5FuAZXk_X5GkmfbGtlHgtX88XyCKID-GHzycIzAv73uZFa75Q8K9a6BqkP9aXgxZFCSZf7S7jFyI4DsouqGVEI4gxH9J885wUxxLEz9pP8aFjVnV5Z6D4ee34lSyNy-xdDKWsBSWSFkgvp57aLzNlpC2EWJN4392sIYxT0q0X2SYZqFNDeqfkU6reRoJNsSvp14WcJcwDq3_1c3EYhb8azZlP7hspcw%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=1596918170643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 11:11:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 14 Nov 2023 12:11:26 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript
date
Tue, 14 Nov 2023 11:11:26 GMT
host
pv.medialead.de
keep-alive
timeout=20
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=66239100049493304445002012508012&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host
pv.medialead.de
server
nginx/1.17.5
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
B2A2D18B:C306_91EFC182:01BB_655355DE_4400D98:1A428
/
adv.office-partner.de/ Frame 1926 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d5994fa0e5&subid=&uid=ccad0bfc9a07019b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyMu53FVTZYjYNs3TgAfW6qyoD6blvaBpnZecp8kP8C4QASDln-4sYJWKiY6wB8gBCakCqyTXQ4zxsT6oAwHIA5sEqgSSAk_QID2fKw7t-zy5mTzT3o3kz6e4ZPjwo4veZYjWvl7K-cL4Yut5nxZCVCBs5gLSbTiAHIAUIfDPnPwB0PhdBIPAnTmCohNY_-khp9l9Cip_JCni4blk3cqO_2dlFUbuKE8pFzkV-6NaQlUrWdwqFCPZJkeNzbONbx5NarNM05G5hoMQ9qgm2sh8rHKgo4fXA99CGfEOo-aW_fTsZBYxBqP-XjiPlhW17GzDuVL5Sr7f6hjb3SuCupEZc3Aa0fzN9RoG7pGqbNRxbmxd52oJ-89Gxwn1IkgebYHOBlfU5ocH7MxwYPsY__Wlc5rtXVvp2B9zn1gPkrhCntMqAswjw4XVuWQ8Mru4fcdAH3CCWjp6lFTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjq_KXHrcOCAxXNKeAKHVY1C_WwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB%26sig%3DAOD64_3bVWjJWL5iGyXbEds_5rcbfqEtwA%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DU0JzzV6e-88SRLt5uI9Zt9GymUR0nOuS1b7p7TJ_oHC3wpKjnrA_lliKuqHQcIMmcCpwdHGj6AgOtMhVZTJMuCcyghZYNBkmhjflxGLHqh1sTizsorSfdS2vtOjdWFOvX2Quk7JxclAokz50-ICjMaHirHs7E18oruW-cG2aPDDjNZ2U%26cry%3D1%26dbm_d%3DAKAmf-DjbGthtoIVxQ6_x69oKpzzx4g5EO0fhGfEwqwfvO7e5lKdYBlyefgLZ6QZ7owqBzLdtLB2wjZZYubEb1aw2SVrqTcagi9GtpvvvoV12hJBBYRuP0sHGwy2vfGzM9hU8N5EfUS8UYOd6-dLPHI88u1Ypgz6xo84zCmPZG0xRfhqlo1yVeUTeRy0Qs4TsJaKTyyEhuN1IK6Xfl83BJG_9o-1gbeF7oNzwJ2W9YIrQ-fRixV8XdQDAPBZwVgjwTdV-EAzk2_8zsQWH2eFG_gtoHhHBqI5bOjN885cPg7t8M6Re47EyOMkwDtSGE2L0jmL9rIAzIK3qaL5-DY2yg7q5FuAZXk_X5GkmfbGtlHgtX88XyCKID-GHzycIzAv73uZFa75Q8K9a6BqkP9aXgxZFCSZf7S7jFyI4DsouqGVEI4gxH9J885wUxxLEz9pP8aFjVnV5Z6D4ee34lSyNy-xdDKWsBSWSFkgvp57aLzNlpC2EWJN4392sIYxT0q0X2SYZqFNDeqfkU6reRoJNsSvp14WcJcwDq3_1c3EYhb8azZlP7hspcw%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=1596918170643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 14 Nov 2023 11:11:26 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 21 Nov 2023 11:11:26 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
link.html
track.webgains.com/ Frame BA1C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=66239100049493304445002012508012&nw=1
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.237.35 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-237-35.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
7f8cb4674f17ad081e523d4c30aec4c7467889fded4d9b129cfbaed1cebc2c1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
last-modified
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 14 Nov 2023 11:12:26 GMT
activityi;dc_pre=CJHY-Metw4IDFdTMmgodQLYF2w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912
5994599.fls.doubleclick.net/ Frame B1D7
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJHY-Metw4IDFdTMmgodQLYF2w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912?
391 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJHY-Metw4IDFdTMmgodQLYF2w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912?
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
e94f86b4cc1e641c6c22e7936800564eca84851d58fe705941afabd6839976a7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:26 GMT
expires
Tue, 14 Nov 2023 11:11:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJHY-Metw4IDFdTMmgodQLYF2w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900012.redintelligence.net/ Frame 5A9C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=66239100049493304445002012508012&a=257aed79
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=5zyrr3xpcfb3&nw=20&renderingType=javascript&namespace=d5994fa0e5&subid=&uid=ccad0bfc9a07019b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCyMu53FVTZYjYNs3TgAfW6qyoD6blvaBpnZecp8kP8C4QASDln-4sYJWKiY6wB8gBCakCqyTXQ4zxsT6oAwHIA5sEqgSSAk_QID2fKw7t-zy5mTzT3o3kz6e4ZPjwo4veZYjWvl7K-cL4Yut5nxZCVCBs5gLSbTiAHIAUIfDPnPwB0PhdBIPAnTmCohNY_-khp9l9Cip_JCni4blk3cqO_2dlFUbuKE8pFzkV-6NaQlUrWdwqFCPZJkeNzbONbx5NarNM05G5hoMQ9qgm2sh8rHKgo4fXA99CGfEOo-aW_fTsZBYxBqP-XjiPlhW17GzDuVL5Sr7f6hjb3SuCupEZc3Aa0fzN9RoG7pGqbNRxbmxd52oJ-89Gxwn1IkgebYHOBlfU5ocH7MxwYPsY__Wlc5rtXVvp2B9zn1gPkrhCntMqAswjw4XVuWQ8Mru4fcdAH3CCWjp6lFTABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJEReINEwjq_KXHrcOCAxXNKeAKHVY1C_WwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNJ-PA_oImov2HbtOUXsS35Q8AGmUFoYwl6koonX5Mi6f_S4g_4pKD7s9e3fQgV8LIaxeepUWb1P6fDCzHv0PmhOiXBtjZHnhncRgB%26sig%3DAOD64_3bVWjJWL5iGyXbEds_5rcbfqEtwA%26client%3Dca-pub-8573325940152694%26dbm_c%3DAKAmf-DU0JzzV6e-88SRLt5uI9Zt9GymUR0nOuS1b7p7TJ_oHC3wpKjnrA_lliKuqHQcIMmcCpwdHGj6AgOtMhVZTJMuCcyghZYNBkmhjflxGLHqh1sTizsorSfdS2vtOjdWFOvX2Quk7JxclAokz50-ICjMaHirHs7E18oruW-cG2aPDDjNZ2U%26cry%3D1%26dbm_d%3DAKAmf-DjbGthtoIVxQ6_x69oKpzzx4g5EO0fhGfEwqwfvO7e5lKdYBlyefgLZ6QZ7owqBzLdtLB2wjZZYubEb1aw2SVrqTcagi9GtpvvvoV12hJBBYRuP0sHGwy2vfGzM9hU8N5EfUS8UYOd6-dLPHI88u1Ypgz6xo84zCmPZG0xRfhqlo1yVeUTeRy0Qs4TsJaKTyyEhuN1IK6Xfl83BJG_9o-1gbeF7oNzwJ2W9YIrQ-fRixV8XdQDAPBZwVgjwTdV-EAzk2_8zsQWH2eFG_gtoHhHBqI5bOjN885cPg7t8M6Re47EyOMkwDtSGE2L0jmL9rIAzIK3qaL5-DY2yg7q5FuAZXk_X5GkmfbGtlHgtX88XyCKID-GHzycIzAv73uZFa75Q8K9a6BqkP9aXgxZFCSZf7S7jFyI4DsouqGVEI4gxH9J885wUxxLEz9pP8aFjVnV5Z6D4ee34lSyNy-xdDKWsBSWSFkgvp57aLzNlpC2EWJN4392sIYxT0q0X2SYZqFNDeqfkU6reRoJNsSvp14WcJcwDq3_1c3EYhb8azZlP7hspcw%26adurl%3D&documentReferer=https%3A%2F%2Ftwire.gg%2F&ancestorOrigins=https%3A%2F%2Ftwire.gg&random=1596918170643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
0a3b8ae602fa889bd93307fa6fc1917791705e7616815109d501a9784f0af618

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2075
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Nov 2023 11:11:26 GMT
Expires
Tue, 14 Nov 2023 11:11:26 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame BA1C
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66239100049493304445002012508012&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66239100049493304445002012508012&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66239100049493304445002012508012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.17.5 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B2A2D18B:C30A_91EFC182:01BB_655355DE_43FD329:1A429
x-iplb-instance
40028
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=66239100049493304445002012508012&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx
content-length
154
content-type
text/html
cshow.php
www.awin1.com/ Frame BA1C 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=66239100049493304445002012508012&pv=1
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:26 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
truncated
/ Frame 0F49 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
674adfaa217206823cc25c1eead4d36e09d7db7cdc4c9d1a35194efd27226b59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BA1C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c4a4ae47218fe6ed46b93487efcb6c7bc3c64000224a39a2c32357f4e5f0097

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 8C99 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 10:30:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 11:11:26 GMT
/
hal9000.redintelligence.net/scale/ Frame 8C99 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9fee2f4deacb8662b7482f426e76ebacee4c94037f2e410e9ae559c718d497a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16981
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 8C99 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5f539cefef8c2dffd1d82ef8e9d499226855c43ff57115352e463de4ce1a1d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16512
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 8C99 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4c08f2e7799b9072079184cd449e8f090e124fbaf13c38528a775d898ef26dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10941
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 5A9C 		5 KB
756 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=66239100049493304445002012508012&a=257aed79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 09:56:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 11:11:26 GMT
/
hal9000.redintelligence.net/scale/ Frame 5A9C 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=66239100049493304445002012508012&a=257aed79
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9fee2f4deacb8662b7482f426e76ebacee4c94037f2e410e9ae559c718d497a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16981
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5A9C 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=66239100049493304445002012508012&a=257aed79
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5f539cefef8c2dffd1d82ef8e9d499226855c43ff57115352e463de4ce1a1d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16512
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5A9C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=66239100049493304445002012508012&a=257aed79
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4c08f2e7799b9072079184cd449e8f090e124fbaf13c38528a775d898ef26dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10941
Vary
Accept-Encoding
Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED89 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BySto3VVTZdu4JraUjuwP6pWF-AwAAAAAOAHgBAI&bg=!np2lndLNAAZxrfrxUa07ADQBe5WfOMVZuO9nsyq56AhUdIhXMdzvQYSWM-82IXuEKVlGsbPOOZwCYiBSMQbCwEuk-UGuAgAAAQVSAAAABGgBB5kDBJ2n1_VXdRzeuUvFuXphrPwpb1_s0Wka8ckETKRA1-1gLyBFY33GDd8w2FkG_Xxqr6Wy8zyea-gjo40Lvpjp2uIrxtbjI6x5zJerKlPmTf3g7PQCY2ZaLSXJuz0dvJdcpbHXj64Q8ktvSroajSSYZLRFFRB0HjpmauVAFv-IauZAFCkdFD6OWQ-V8aKYug5lYpuprLLJs95D9QvJxV7V7k1Use2wOvFvqAJuR3bgv47f0Z2zn-JgkxnLIQgSfddiFO6QBXpQY25_dl1idL5ad2SBOzP3vnPJ7GbJQYwT5vZAjUkyvpElfkmDV0eA5bRsEGwks94tWS3gmYY5wzoC-MVafIknOQaAYVEGQHc8FY3ULer12jgV2noWvZt6GmLhcjaX8M8fdqN0ASrF8lO7dCrnnSt1pso7PEeqAieysKzgoD0vT_sLVXXrYMRD6VAh8AQ6m13F6KhHyQM5dddgBshx_zQhNlQWS5BozMRrNo1LdF1Y6lEbFQi63WHDuqescRgUCN9pnLYqV_Vm419QQiEKGqmkh8gvdTLifoT3S1JRkJsUEokOuxBHkpE7kA08f7w-_Fz0OiXLpzTHyO2ni4tOO2pBbTtQK_y-zE9Lk-VNT-R0y01sc6fQLmLbTorWOtyCGxE5lZlJZcbcUnCKn43W4jFQ_6PjaxkahhNrDk6mZZB2cPy9--jj0CDYqnCx-ilCrygvqsvv3lM4gVG_GVLZs92gIy8RYBRl0GQptmhCvJqXxZsJ0oWwYWIqSSwHG3F6bfDA7sQ72vdCTIhmdV7-hLB5uf7BGBsu5RAkFAo81kZaMdHA84HbAUiNtPz8Zghr78hzXtYLCngCyFLGt6NbEwJit9zf7XaFTFeBDsaLVCBZZPM2SVL-Kr4f_H2_U3ovkeOREJVe8x2SFafz-Sb2GdJallgNXYhjY-u8pgyDstZqutk0K_F7KDKA6EwAm9bUT0-f7FD-XGdTGeT6KtCJ8-k6JSSdvrnTDizQVSTr-zNFap6rjH5kl--Sa6wHE7MpG0Q
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 1926 		174 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f632e41218d1ebf02c3ba43344a40e135313adfc7ab5f75f74aa84b6fa2f3708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63924
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 11:11:26 GMT
gtm.js
www.googletagmanager.com/ Frame 662C 		174 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f632e41218d1ebf02c3ba43344a40e135313adfc7ab5f75f74aa84b6fa2f3708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63924
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 11:11:26 GMT
gtm.js
www.googletagmanager.com/ Frame DA16 		174 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87b03660c966dad56aaf31912dc4532dd9d924dcaac2d20d63c59c7485cf1d7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63924
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 11:11:26 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=940671
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81fa6256a9407da6af7ce43195d600cddc57cbc2230bf0519c3a6b5838673594

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3yXB0G65diocnrY7ss7EFV%2Fy%2FWTQckDzqqYUCAJsNidp3YAxJLphjNW1ylqKF0CdfdrbZRVhuuUvhAMPYm2qlUhgx6BVFQko3HJJRgUKsGtYdTSMOiux4gTWPofAluW2v3JNAzB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
825ed04deb8b2c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
hb
ssc.33across.com/api/v1/ 		67 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aEU7WKPLar7yomrkHcnlKl
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
86e15e529c30552622cd4da11829d7fa986d3639e8c2bb978cc999779a89636c

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		716 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageUrl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&PageReferrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.236.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-236-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
adb13a7bc0ba529263b371bdca359d4fce523479c5faff92cb59609e35dfff53
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
via
kong/2.8.4
x-content-type-options
nosniff
content-encoding
gzip
x-kong-proxy-latency
0
x-kong-upstream-latency
160
pragma
no-cache
access-control-max-age
3600
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://twire.gg
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Tue, 14 Nov 2023 11:11:26 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
auction
tlx.3lift.com/header/ 		19 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0-pre&referrer=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tmax=1300
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.231.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-231-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
img.fetch
udmserve.net/udm/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		140 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b1bb866e0138d354045038ee9ee44022b5e2d8db530c2a1fe364b61bde1f4bdd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
an-x-request-uuid
754e587b-1731-48b6-8462-4bd0f2565610
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0-pre&cb=16245363700&lsavail=0
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:26 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		387 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23016&site_id=466496&zone_id=2749116&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.domain=twire.gg&tg_i.page=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&tg_i.pbadslot=%2F339474670%2C22606297850%2FTwire%2FTwire_Interstitial&tk_flint=pbjs_lite_v8.6.0-pre&l_pb_bid_id=36649513492807f9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F339474670%2C22606297850%2FTwire%2FTwire_Interstitial&slots=1&rand=0.3975322455693717
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1cb730eaa1c1cd6bc869e6732f2d4aa9a746c314e93043defb571b21f1e95c30

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
387
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUAID4GW
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
4f2398b06e4d91da67215e7361fd989b573ca142fb1f540cb814556534387b82

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:26 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1bae12f938f1ca388e0ee3aee92518410cb1ac5f5f877564f32aa651d6a02ea6

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://twire.gg
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid
ap.lijit.com/rtb/ 		25 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.6.0-pre
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e5f15be8ce6e7151f75650c60f911022bf5208f80a776391dd99a0789d1c3fae

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://twire.gg
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
v3
id5-sync.com/gm/ 		319 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
665a3f4219f6d31879f104c3164cfa48e96b10de990aae74329eb6bb467d56f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://twire.gg
date
Tue, 14 Nov 2023 11:11:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
dc_pre=CJHY-Metw4IDFdTMmgodQLYF2w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912
adservice.google.com/ddm/fls/z/ Frame B1D7 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJHY-Metw4IDFdTMmgodQLYF2w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJHY-Metw4IDFdTMmgodQLYF2w;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=293590904678.5912?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CO_b-Metw4IDFaHJOwId_v8PPw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969
adservice.google.com/ddm/fls/z/ Frame E4B5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CO_b-Metw4IDFaHJOwId_v8PPw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_b-Metw4IDFaHJOwId_v8PPw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6956750401400.969?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame BA1C 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=66239100049493304445002012508012&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 02:18:41 GMT
content-encoding
gzip
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 16:51:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
32723
x-amz-server-side-encryption
AES256
etag
W/"5d5bc5942e2e0a61b44429bb852bdc91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
BjqkrEg-lBiq22a54Dceo5ytNP0srsUul1CN81XSw4oyMvGwuZhaBQ==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame BA1C 		85 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1699960586&Signature=MvuJLhQ2lQBg01aVrimvdxPeN5Sdl4wNA8KHCdmKYHtlPgAQXbS9H2yCCR-u0J3RyKjf64zFuAx4Mpmi5vt4htZLOC1aZeZTN94wCcBmkByeKHs8kJXUJFTdHXjEMpW5L~8hXSBMKEBOPvHkVrzWYXmlF-UjY9pLZV1kooPxlI70O3DmfMZFXrduuWbog6uZLrpQfoz8~Tymrcx5nR-D5lUheonn7keLYwUb4Z4pxJk3-yx07jk8lWPaApZB~4MyvDgUFlFEUXA9n5CocYkX07HziDpECTlod4RIvZEG2iB1kfVe1DAl0AfxzCopkZqi~aT0RgvR~TGlGYyXp9hWUw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-36.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 14 Nov 2023 04:09:22 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
25329
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
deh2jplMf5L8IimQtjgyUg6ddu70hcR9mweTOOeu5VND3LWWd6mBcg==
pvClk.min.js
analytics.webgains.io/ Frame 0F49 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=28026600061237504445002012508028&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 02:18:41 GMT
content-encoding
gzip
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 16:51:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
32723
x-amz-server-side-encryption
AES256
etag
W/"5d5bc5942e2e0a61b44429bb852bdc91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
EWTWmfLovPYs9caQBa8gdKOY51sheCU5xbx_wuPxPlZ6sLJ_cBz8SQ==
1x1.png
cdn.track.production.webgains.team/7121/ Frame 0F49 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1699960586&Signature=gK~009bk5ctLMyt7NeVqiNWL77e1R1Sh~suruXDj3ir7lFspueE1jzrd8BDaVZWjs8oSklOOKUCGA2hxDwMgMIHRM6uA-6VRf2PUUgNfoed-gbkUetudEktLCZ0itZRYQmUVkUUmuwzdyhB6k5PSd6PE6Ll-f9tibfHFhzr-A~Za9RZSNhSlmS4XXR54erkJFmwthrRCaaYppmslNj2lFFzVpVu6OTxMEx3epqCQ4T-oZDKwOaQy4tdPj~ezt5h0RTdiWsFHyjrkQyTDE6xfC042Agx~32Jk2rKOWLqeF2P8G3BAbBmiEn0nsGG06QmPK4skZY1sItO83xqB96sPMQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-36.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 14 Nov 2023 09:10:45 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
7242
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
cChiyNgRqYcKA8uYBKk3kRsdKJO7nc0iK3McG2IlnLyvFF0ljjuB0g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame D1AC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOPvm3VVTZc_LK-OQ7_UPsuK38AkAAAAAOAHgBAI&bg=!XF-lXxDNAAZxrfrxUa07ADQBe5WfOHDBvR9a0zhApihx8T4cEuX6jtRvb8gOT4t-qn8ZmAlSK8_QL0CjBnDTGiQGAm9uAgAAAcBSAAAABGgBB5kDGq9wobhHhz-ccvNMNU2apFyIBDx6Tv7zwWHC8A2VFKrbgG5crLHN7iTlqPeKF9YT8b4XtxsI9u6iOYXOE3iH898ltSouC7HHl7f_yyMDmcqe45odekZQtr0AmUIxs0XRekch4GNCOmpzNy_GFV161-zFKXEk5zcqmOqHZnWuoyFsb2IgY3ptkUBaxmH9NaapoXf0gK7gRKRFXBZp5onTH0hwpYPKD2Ve0NO7uBfVLaAYzha0laJig_Z4366590y8tJLZEnqhkLVWNG8XQtU8dDUhAqt_bXMVq_h3cUW2Rn0fQ6viM2SgiO_b9Ub-t05mqdLZ67z8xMcZtp-xjs8bjk4MBPpplXEAEwdEOhueeJmEWGQKxdo99ol3bI0ze06qvYff8wlGYsRyun9KsEgeZYOLH-SAyN1evClr-4JQMrytIjV9Pi0kCqvYTjg1GyPJYuCsIc8ArqZU8wM52iE1e5dpmDZHO8LNA1UGUlU04FS0MmlNTismRzqmJVxDTLmxMyPKzb7JGx1-MH9vSyoCsfeNNf_3Rz-EXUujk73rDBUjD5k_Q898ufVv-PBRwW5I7VYPitEopGIBnPbEdsbh0HfnziPWvo-ccsLVZpVy7WZVgXL8jqS_rM09dnhdHIIJ-kOki9EbiTFkJIQwbTz2mAjo84UfSbOklHHnHdOrX9suZoyAk8sOQ9JF2lWNbw3WidayIAHkMC-o-CPAOFx-T7BEyY8WZ0_96GcDUHMsr86i9vV4z_cCysvo3aljmNH2KzhL-aHtCDzp-FRXakqb4myh_33pi5N5tt_N1Sc4wFGTq0hypUCyHEk2kLKAYG6fnqes9t34hsb0KO1pB1CnRtogQaXiArFs_xDAZ_8Qbb1B5M_W8xG5o7Zu5uRQRZX8SgVb2Cd5cGRsJRCxx3JhjPQuHwcgq3ornPEyr0O3j1FMCx7XqSweG-oSPrS6MIbTkOERoZdt4wVJuLbUJfRnhIxwzhiJhwpeX5hxvmaxvBX4EjRxs-ypXxDautfjsENGjtSPh1tRgoId4sWuKG00_-NUGoMBBexv6Med
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 Nov 2023 11:11:26 GMT
viewability
hal900028.redintelligence.net/ Frame 8C99 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=28026600061237504445002012508028&a=84b5fa71&vb=m
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
viewability
hal900012.redintelligence.net/ Frame 5A9C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=66239100049493304445002012508012&a=181fb937&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=66239100049493304445002012508012&a=257aed79
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=66239100049493304445002012508012&a=257aed79
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
link.html
track.webgains.com/ Frame 7CDB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=48734300048605804445002012508018&nw=1
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.237.35 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-237-35.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
061c8060ee3b26deb43f521fa58b05d4c6379a9b3be49040d430c5a21a8892d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
last-modified
Tue, 14 Nov 2023 11:11:26 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 14 Nov 2023 11:12:26 GMT
activityi;dc_pre=COTUjsitw4IDFSfMOwIdVgcKWQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91
5994599.fls.doubleclick.net/ Frame C140
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COTUjsitw4IDFSfMOwIdVgcKWQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91?
390 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=COTUjsitw4IDFSfMOwIdVgcKWQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91?
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
fe2dcc28b9167690e20e91bb452cf5e5de66fce0c3fcf97dcaa671094023ea21
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:26 GMT
expires
Tue, 14 Nov 2023 11:11:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=COTUjsitw4IDFSfMOwIdVgcKWQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900018.redintelligence.net/ Frame 06C8 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
4632310b39a7302b24ff20a0af75dadb2a42cabfc6bd7016778aa5ef1aae8616

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2076
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Nov 2023 11:11:26 GMT
Expires
Tue, 14 Nov 2023 11:11:26 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
truncated
/ Frame 7CDB 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f57ccd907914fcb6a682a676f62ac6d9911e4235562e17c9deeb7a3d341047f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 8C99 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900028.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:23:45 GMT
x-content-type-options
nosniff
age
413261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 16:23:45 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 8C99 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900028.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:02:57 GMT
x-content-type-options
nosniff
age
353309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 09:02:57 GMT
js
www.googletagmanager.com/gtag/ Frame 1926 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
646c56f1c9e5c238d0b487e84af18af5139a8d3cc9f3e839ebdcda3eb878c52e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92920
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:26 GMT
css
fonts.googleapis.com/ Frame 06C8 		5 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 10:24:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 11:11:26 GMT
/
hal9000.redintelligence.net/scale/ Frame 06C8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9fee2f4deacb8662b7482f426e76ebacee4c94037f2e410e9ae559c718d497a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16981
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 06C8 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5f539cefef8c2dffd1d82ef8e9d499226855c43ff57115352e463de4ce1a1d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16512
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 06C8 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4c08f2e7799b9072079184cd449e8f090e124fbaf13c38528a775d898ef26dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10941
Vary
Accept-Encoding
Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		188 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3003470240693621&correlator=375395175360823&eid=31079522%2C31079661%2C31079380%2C44807690%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=339474670%3A22606297850%2CTwire%2CTwire_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&didk=2769667312&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D1373588c97a44752%3AT%3D1699960284%3ART%3D1699960284%3AS%3DALNI_MbVCRihx5NebOCZmKr-pGKkVAhIBA&gpic=UID%3D00000cc3b19f9a02%3AT%3D1699960284%3ART%3D1699960284%3AS%3DALNI_MYDgirx9h9G6blNImIz3K_TGeFAcQ&abxe=1&dt=1699960286710&lmt=1687341741&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1383128441.1699960284&ga_sid=1699960285&ga_hid=513165606&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlsud7LwxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiWy53svDFIAFICCGQSGQoKcHViY2lkLm9yZxjLzp3svDFIAFICCGoSgQEKCHJ0YmhvdXNlEmxydGhyUkJKaFNnQ0hDcDh3U1FNem9CSXI0dW9EYktnSzFKeWVCdmNXSGlDZ3pWVlRHVjMvcm9Ec09DdnlFZFVYc2t3TEtVN2tsd3VCdUwwZmV4b29KTThLZk1TQmFOdmFVZ3VPMFZzSXdEYz0YrdKd7LwxSAASHQoOZXNwLmNyaXRlby5jb20Ylsud7LwxSABSAghkEj4KBW9wZW54EixleUpwSWpvaU5WTTJORWw2VUVSVGRUSnZZWGxrZEdvMGRqVTBkejA5SW4wPRjw053svDFIABIZCgp1aWRhcGkuY29tGJfLney8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo9Gd7LwxSABSAghq&cbidsp=CsMDCAESDAoCaXgQVCACUgJpeBIZCggzM2Fjcm9zcxCWASACUggzM2Fjcm9zcxIbCglhZHlvdWxpa2UQtwIgAlIJYWR5b3VsaWtlEhsKCWFkeW91bGlrZRC3AiACUglhZHlvdWxpa2USGwoJYWR5b3VsaWtlELcCIAJSCWFkeW91bGlrZRIbCglhZHlvdWxpa2UQtwIgAlIJYWR5b3VsaWtlEg8KA2FteBCVASACUgNhbXgSHQoKdHJpcGxlbGlmdBCVASACUgp0cmlwbGVsaWZ0EiMKDXVuZGVyZG9nbWVkaWEQsQIgAlINdW5kZXJkb2dtZWRpYRIZCghhcHBuZXh1cxCUASACUghhcHBuZXh1cxIVCgZjcml0ZW8QkwEgAlIGY3JpdGVvEhcKB3J1Ymljb24QjQEgAlIHcnViaWNvbhIZCghtZWRpYW5ldBCSASACUghtZWRpYW5ldBITCgVvcGVueBCRASACUgVvcGVueBITCgVzb3ZybhCRASACUgVzb3ZybhgBIiRiYjY3MjNlOS1iMTdlLTRmMTktODlmOC1mODY0ZGJjZGYwYzQqBAgDIAAyCnY4LjYuMC1wcmVAlApKAA..&dlt=1699960283113&idt=1354&prev_scp=amznbid%3D2%26amznp%3D2&adks=3912705023&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc809b23f29203c129a69f4562e57011cfe247cb01b8133e8168187964a5b2fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53026
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:12:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
75541
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 12 Nov 2024 14:12:25 GMT
js
www.googletagmanager.com/gtag/ Frame 662C 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9730f932aa42c2506c0f92d4e9e32392fc5b4a01bd968da4311e1f614ed50d8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92919
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:26 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5A9C 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:23:45 GMT
x-content-type-options
nosniff
age
413261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 16:23:45 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5A9C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:02:57 GMT
x-content-type-options
nosniff
age
353309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 09:02:57 GMT
js
www.googletagmanager.com/gtag/ Frame DA16 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9730f932aa42c2506c0f92d4e9e32392fc5b4a01bd968da4311e1f614ed50d8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92919
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 11:11:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B1B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCJeA3VVTZZr-LLam9u8PgPiQ0AwAAAAAOAHgBAI&bg=!IiGlIW7NAAZxrfrxUa07ADQBe5WfOPaYClcIH5R3mlevWNdf-hLZPjQT52eD6BX-NJyoq5LCOxgwzlQINx6cOLpYwnkDAgAAAkdSAAAAB2gBB5kC9EZ5TzaSG3DpLym0v7Hd6JC7m_270L8ALCVwQMmJ4S43gol-BYdVWsW48xQBwgb6dAdty76borapEJMIMUIDeRah_rq9jQjyJ58b7worLhstdXoZ6YyD_KMDfwvAfBosQoVP2yaAHLzJmh837hlOxBgd-1IXjcmXZuT-ir57LvKaqfs_VkfXH_SPf8OjxNLPrqQ0-eBp5QWSE5MDhdod-kXNaGF1jh_Aa-GS2uJ7Hj_kzrT6MI_0lxdCWtqkzvHbPEnLsc2QKI7w4mQ-DMz3HW2US0b_XY5t_-Odm_JlDcU7OrAI0qBMR-FrJ1cPKg0eYYRa1ogphWPesqQTMZMhHSHUIJfGqxlsDEH5aTeQXhdoT6ZgigpXzehuO9lgxmaXPrChxxC9sOuwPmWDpTohm82zXqOVFWOPo1d_OS7GC9NP815IFvU2zMH2foTPu3JOC2JOXiP6g9iJFesfOSn_lrgvA2YuTdpt3JT-uq1eoMfDz37tdV5dgpQ1lA5s_1aSitieNtNBS45OwtXzz5cvMGFdKbKkQupF2wnFDGG7DxNbJ_2fN-sVJu2Zd6WyfBX78aI5CkqHRsh6egBFPPmrm9vuK_MKrHdL__Aedk5VQ4FdDH63V31fSYDxCwJykG__EC67GuVcnGFmr-Ijt7b1WsRpIEct3MjpiwFfVeC219dqYQ4MeUv1ZhLKAWQz7S6n1hAWdP7sU47MqCpuOUYsHVIBIVyrEHWGz69PrwZBEHJT0WTbV-i5AmueKzjvqDo67IEAr4iY2oADQO2F8ljxsDylsBBzfd2hugjWFoTfRa8ucjjCLmRAxiUUV835ATev4beWGGwEt0ELmTmTLN329hIz45NABmPR00GTGp653Ly3sRFLy7kVvtcf1bWTGgDMiKk52GXToG56kGSIywWor-8zMGWZLMhpIE2qObslwhc3-ywd1MYPWN1buCkjMy_KG5VCOnRqxVvRfO6ihRzbFfYBHxEB0K7feOaFWBH9Y3LcuotqzQ
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=COTUjsitw4IDFSfMOwIdVgcKWQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91
adservice.google.com/ddm/fls/z/ Frame C140 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COTUjsitw4IDFSfMOwIdVgcKWQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COTUjsitw4IDFSfMOwIdVgcKWQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9059006749647.91?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FCDE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS2SuohrUYVIcYBwW4G6RkdjGyy-N5zlvwZKByqG8gBGW_Nj-WyKFDZYjT97GlS4sJDI5fob24rS7hvL-IWY5YVZOdflRgmzZ7MQoYr6C-PK8xahM3DDgaSPryVcJp0C8vIq9_taMDVAIpveS10PV4juCFJB4AiiYd_2G1Odr-m-QL5G8ieTYQQjuqD8lazwr0W-mRabySRu0cFHtHJGDnSu6nT_7z4BTlTCmEB_esQvVHo6YIXonrAvYKmXAZLJKalRxnQkeiXH7ECarN6GQCLvydOXb6KN5lFcackQffVRXmizEeZRn3NSF0AD5hMYp7dfK4jIliYMNTs3whm69PTRDExXQ98GKXf-xdGm-RRH6cLXTAkrqiINRFDg_I0owLTFd6DI2FILLTyaeFOFjhmtL2pjpc6vLrn2EQiSsjRomREfPH0eYyMHYnM_tTOGnBw_82i_aDQdOXp_OgrWYMp2YBR8hlFzrVuI_aZ1WD2ssuQd0Wl8-iKoNExQQzzu6B5qt8JLysk_JWSqaaQUXA4AjV-6p88njFST8k38YMyAmBvaaZODV6RxTM7zt4LUFAEklhJr9h-Y8mVjziU6WrlF0SBxPBOalMjAAeXofLloNbYlLoGCakfMnyAZhfxEwt5hYd2Fw_LLZ68c2eYLC-Ne7eZBXU_bOCbwxGXcLMf7AcdIbhpUOwx-eQUN5DsoCsmyqc4phr4MQWOP989wGTofgB23lnq236pjXa6Hwx2iHYgJfsBdz7LWC-SynzOICg6XJHidyt3vG-699j26asap_KuBtOZrDSD_IVHSRe1wBWynDELagznDL2v-rO3HhKoQwSOegEFPAcOpftwCQ0Cq74FHnxfpVGsfMhgXiE9YHAQNazYemzHYlowzkgizqp7r2dsIl7DTtmBocUPSmGy67bVeQBU3EVJmCijr3KvxwLN3KsDeigymxDRsKuX19ECxqGp0GAFEKYxg1J1uZjE1qOVEasXTzaHoWC9XiBQbLZQbBekhlhbcSJRqaTiX4ZdYs6jZhgT93zx6ViCLOtbv8mgoMi2fUfmggNQsjmOSjs426M8aQ9JW8pD0Ba1ojh7od1ZbvM0C_OL0yB4EZ8ZqaxP1jGllQVMt0B9_AfkZ_B6E67G6mya8_eTEjfzEc2yquDbjWPmVAVTqaEEnndeS_PsqcJalMpo5BxRqxuGe_USzCzsZFTKJaldh7JVT8rBI_0bzW9b1UMtxSlsGTmPOeq5w9Hw22bLRHl83-fTycOQYvDt3FdQXy5tjLfkHejeMZHfeNIxl_d1WlVjgDKElkXh7YpirBD1j6E3XFU8kYQhjMASp3fs5ksNqnd81pVLbCidOCvGI3lDXxSwd1SMA&sai=AMfl-YQqcnfzaMrAqNQvEkj69OVwJeHSHc5TyyxM_4VN-Xw5dz6OfM8l7Xz3lr6d40bK_hGaAoDMC2vHGMMa3XpMauTpwWocfPpn7rhqwVtz8RYzqjyDKryuTeGab1wQl8qPLd1bii2y5tNigA9OJa-l1IC9zAmoGQZyESIS-MA&sig=Cg0ArKJSzMNmm1XEeDbfEAE&cid=CAQSTwDICaaN3Y8c3wng22ok88aX5Ok8c1G7J04au3zQvJ7ApBTnkQ-5nah8_A01ynGXc_XWyZHxiK6WnGISTc2E-Xu6smMiIV6T6-fXQjklS1wYAQ&id=ampim&o=273,891&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1121&mtos=0,0,1121,1121,1121&tos=0,0,1121,0,0&tfs=318&tls=1439&g=100&h=100&tt=1439&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: twire.gg
URL: https://twire.gg/en/pubg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900018.redintelligence.net/ Frame 06C8 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=48734300048605804445002012508018&a=2f2a2388&vb=m
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:26 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
pvClk.min.js
analytics.webgains.io/ Frame 7CDB 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=48734300048605804445002012508018&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 02:18:41 GMT
content-encoding
gzip
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 16:51:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
32723
x-amz-server-side-encryption
AES256
etag
W/"5d5bc5942e2e0a61b44429bb852bdc91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
va--EDHJufBWZL75jIQkyZc5bgEHombyFzN8xLWEcJYYV9XlJEcNDw==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame 7CDB 		85 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1699960586&Signature=MvuJLhQ2lQBg01aVrimvdxPeN5Sdl4wNA8KHCdmKYHtlPgAQXbS9H2yCCR-u0J3RyKjf64zFuAx4Mpmi5vt4htZLOC1aZeZTN94wCcBmkByeKHs8kJXUJFTdHXjEMpW5L~8hXSBMKEBOPvHkVrzWYXmlF-UjY9pLZV1kooPxlI70O3DmfMZFXrduuWbog6uZLrpQfoz8~Tymrcx5nR-D5lUheonn7keLYwUb4Z4pxJk3-yx07jk8lWPaApZB~4MyvDgUFlFEUXA9n5CocYkX07HziDpECTlod4RIvZEG2iB1kfVe1DAl0AfxzCopkZqi~aT0RgvR~TGlGYyXp9hWUw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=48734300048605804445002012508018&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-36.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 14 Nov 2023 04:09:22 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
25329
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
pn4T1f_CA1eZvy-TjH9zIG_vKe7qqrZVKhua-aJRq7FpfrM7Se2pig==
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 06C8 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900018.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 16:23:45 GMT
x-content-type-options
nosniff
age
413261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 16:23:45 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 06C8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900018.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 09:02:57 GMT
x-content-type-options
nosniff
age
353309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 09:02:57 GMT
twk-main.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 		121 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6011ea7fc31c9117cb73359e/1et2vo146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
274267
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
825ed0523f7f9064-FRA
twk-vendor.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6011ea7fc31c9117cb73359e/1et2vo146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
538986
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"ce3014b09c6dfbd6f92bc585fd840580"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
825ed0523f809064-FRA
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 		212 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6011ea7fc31c9117cb73359e/1et2vo146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c402dac34a2ddb65a30763afd1e50c65ccd82117b61a773f2512bc6e2dace631
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
543080
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"357952f03822ff20c10ab27cc597e161"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
825ed0523f819064-FRA
twk-chunk-common.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 		215 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6011ea7fc31c9117cb73359e/1et2vo146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78278b5c1f2b851af38fe569a9544e265d53a0c0b6f592bb5117f9b2f40c556b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1060386
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"3559a48cee058d0fa362d062d48d297d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
825ed0523f839064-FRA
twk-runtime.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6011ea7fc31c9117cb73359e/1et2vo146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
988a40deb30ca96a0db8ae7beaaa1bd27e94b484f10bf811384fc4b89dabf066
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
179272
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"ab2e7e6976ebf42505e0f529919444b5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
825ed0523f849064-FRA
twk-app.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ 		151 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/6011ea7fc31c9117cb73359e/1et2vo146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
Origin
https://twire.gg
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1205387
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:39 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
825ed0523f859064-FRA
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 36B8 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-113.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3333
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 10:15:55 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 10 Nov 2023 21:04:42 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-id
CkAX9qnzs_tuSN62f4TvrfmRmBroCVW3nKeEfHTv4tKIjcC4WbO1NA==
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57ae368608340dd82b53d909b43d0a563b9b48614c8553d21d2382b8407d87bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12255
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 4604 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=twire.gg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:26 GMT
server
Kestrel
server-processing-duration-in-ticks
889432
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 36B8 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-113.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 10:30:17 GMT
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2471
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 10 Nov 2023 21:04:40 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1gYFGEv9VfXrawtk6tV-gCT-ZGRZ0RnpdklpnGQ2qIzC0j-JDjTXEg==
csp-report
q.stripe.com/ Frame 36B8 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1699960287607620
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1699960287606943
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 36B8 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1699960287607292
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1699960287606901
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
sid
mug.criteo.com/ Frame 4604
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=twire.gg&sn=ChromeSyncframe&so=3&topUrl=twire.gg&bundle=FR9OWF9ZWXlrY3ZUQmp6U0VzVXg0UTNYMVFlazhNb20wdFRhcmJrQU5wJTJCQXJGQVg1RERCNnNVa2dyZz...
  • https://mug.criteo.com/sid?cpp=2ylC_XxUV09vUGE1VGFIK0gxMDEydmsrL01QTmttT3lDTXNEa1NpSm9LWW5qcmR0SmZqSzgzUmdqZ0hjME03U3lOMm1RTFRRNFV2U29NMGdnL0hjTFc1RncrOVArbFZ0Rkg5cVdtYWdXbUVVR3UzQzFsQmFZMkFiaUpIWE...
438 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2ylC_XxUV09vUGE1VGFIK0gxMDEydmsrL01QTmttT3lDTXNEa1NpSm9LWW5qcmR0SmZqSzgzUmdqZ0hjME03U3lOMm1RTFRRNFV2U29NMGdnL0hjTFc1RncrOVArbFZ0Rkg5cVdtYWdXbUVVR3UzQzFsQmFZMkFiaUpIWEk1SWpIek95eEpNbHpMYmNMZEJISUw0Q3RFREhVaEdpbjduUHNVSmRhV2x0OE4rU0JhZDdiYmkzeCsybzJsTEVzMFJjRXJzQTdDMC91VmxVUk5SdlpNZDJibG9yM2lYTU5EYW5Ncy85My9LTG91MlNYenRBcVlic1ZMVnR5R3hSaHpWVFRRbWcvV1ozNmo4K0ZsSzZ5ck15dEdSa2JPUT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c0f02758d314af676dbde8473e963dc8b8088e695f92e8e02cf5563f4bc80cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1219566
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=2ylC_XxUV09vUGE1VGFIK0gxMDEydmsrL01QTmttT3lDTXNEa1NpSm9LWW5qcmR0SmZqSzgzUmdqZ0hjME03U3lOMm1RTFRRNFV2U29NMGdnL0hjTFc1RncrOVArbFZ0Rkg5cVdtYWdXbUVVR3UzQzFsQmFZMkFiaUpIWEk1SWpIek95eEpNbHpMYmNMZEJISUw0Q3RFREhVaEdpbjduUHNVSmRhV2x0OE4rU0JhZDdiYmkzeCsybzJsTEVzMFJjRXJzQTdDMC91VmxVUk5SdlpNZDJibG9yM2lYTU5EYW5Ncy85My9LTG91MlNYenRBcVlic1ZMVnR5R3hSaHpWVFRRbWcvV1ozNmo4K0ZsSzZ5ck15dEdSa2JPUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
316388
content-length
0
expires
0
widget-settings
va.tawk.to/v1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=6011ea7fc31c9117cb73359e&widgetId=1et2vo146&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cafa5608f31280ec339b47e68e48e10dbd6838405ba3719db6d7a9c05566281
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:30 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-cl28
server
cloudflare
etag
W/"2-197-0"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
825ed052f8289064-FRA
access-control-allow-headers
content-type,x-tawk-token
inner.html
m.stripe.network/ Frame DEEF 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
34
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 11:10:54 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-id
tkzXoew6mydRp3ednhphe4FVp5jFz_lpH7k84cdVt1S0yjSHhKetjw==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 11:11:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F49 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsup5ZYwy7MLvLR6gyudJouUR8vP3BLO6z_4Kj0TTXh0Y358NOFtX8OhTuMQDtZk0DMQCiSsFAVzue4DW1O6zWttGGfatIPJ3kSF7VjWQ3vfkPl6gxZiuYE6YThKboFc6aM&sai=AMfl-YQ-LtrQ8xUuZle94A51wwzaP1fctdStFT6G3Ee1RmXhKbo4NGzdSWhgq3B4vHfed7zETF3N58tOz6CZ_XOXrftlRV2XXiYnX8pUpONDoXZKVdHKoSAr02ATHcL_XFdDigJZ1STblOhyWfM-ESBhjVuacCLCHFr8K-k&sig=Cg0ArKJSzGOVBzmeLHm5EAE&cid=CAQSTgDICaaNGaQSiVXIkn9tkV6ostm2ZsIATzgWtUWMPeK-tLWKdxxZkbbv6BqUgGXCigfm8Emq28chWyAmAKW-O8NKcdDObFAY74gGh9HHLxgB&id=lidar2&mcvt=1010&p=1110,315,1200,1285&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=281227281&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699960285373&rpt=803&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
start
va.tawk.to/v1/session/ 		0
0
start
va.tawk.to/v1/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twire.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://twire.gg
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
825ed053183a9064-FRA
date
Tue, 14 Nov 2023 11:11:30 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-zjgf
csp-report
q.stripe.com/ Frame DEEF 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 14 Nov 2023 11:11:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1699960287607331
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1699960287606971
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame DEEF 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:08:46 GMT
content-encoding
br
via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
162
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA56-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
Pu5Elphq_gwrzwhEtFHgaJSq-BVVU7quBgMpWEzcXO2cYKcE6nixyA==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BFD1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3441
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 10:14:06 GMT
expires
Wed, 13 Nov 2024 10:14:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EA8D 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0d702577b2fe76112fcf084b1b6a7ad835028f9e1ca9b88beed6348375516e42
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cva2Y0FqCrBoP8ZPgGklPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cva2Y0FqCrBoP8ZPgGklPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:27 GMT
expires
Tue, 14 Nov 2023 11:11:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
viewability
hal900028.redintelligence.net/ Frame 8C99 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=28026600061237504445002012508028&a=84b5fa71&vb=v
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=28026600061237504445002012508028&a=e373c8dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:27 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 7CDB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvJfdaBjxHv7Enrkeh31RBGA7qvtPcLqf8etKjapf4pHi12y-A9lazpP8SstAQ503QUQQFkYOOc628gPREVtq8MjX_QtfwJsFysQQRCvo4DETYK4p9GXmGD2ldkMAAYIo&sai=AMfl-YRelY_0WTyg1WyF-rvYDRZMH2bUlv9GOUpkyWofnsstC3PwnIkQx7vvuJqWZSv3WFD9x7nJwOM_b9T2IlQ97nEt9KLUcP6uxuEzo4Nq1sP5d-6lF5uR7UKGIE8474Y6itgFcxeCr1W5NJtziMNv&sig=Cg0ArKJSzBLF9-naKofAEAE&cid=CAQSTgDICaaNKMc21PVJv9TBjC12dsfZBIGIZthRt86xw2TVkkCzHT99ipsn2hs7jYzK-1Jw1cM6wArr4zY_h7RRC0t0Osrk5jsvG5Qd5G_F3RgB&id=lidar2&mcvt=1360&p=102,152,192,1122&mtos=1360,1360,1360,1360,1360&tos=1360,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4212285392&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699960285314&rpt=1274&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 0F49 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 11:11:28 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 14 Nov 2023 11:11:28 GMT
server
nginx
viewability
hal900018.redintelligence.net/ Frame 06C8 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=48734300048605804445002012508018&a=2f2a2388&vb=v
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=48734300048605804445002012508018&a=f0261d59
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:28 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA1C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7316814170127&version=m202309260101&ct=77&x=1&cor=18323929860426938000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7269 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 11:11:25 GMT
expires
Wed, 13 Nov 2024 11:11:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F49 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2535292103376&version=m202309260101&ct=77&x=1&cor=5103071550939353000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CDB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7928568888769&version=m202309260101&ct=77&x=1&cor=15522261777459247000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame BA1C 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 11:11:28 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 14 Nov 2023 11:11:28 GMT
server
nginx
6
m.stripe.com/ Frame DEEF 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.73.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-73-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8c518ad01f7e216cb4e63409658ca7fdb522ada3a923cea87d8c0464dc520c43
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 14 Nov 2023 11:11:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1699960288959116
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1699960288958732
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
sodar
pagead2.googlesyndication.com/pagead/ Frame EA8D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=3003470240693621&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
tracking-event
api.webgains.io/ Frame 7CDB 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 11:11:28 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 14 Nov 2023 11:11:28 GMT
server
nginx
css2
fonts.googleapis.com/ Frame 7269 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 11:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 10:13:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 11:11:28 GMT
css
fonts.googleapis.com/ Frame 956C 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 11:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 09:28:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 11:11:28 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 956C 		2 KB
824 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
69603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 956C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
69607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 956C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
69610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DA89 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Tue, 14 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 956C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
69603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 15:51:25 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 956C 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 11:11:28 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 956C 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 22:22:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 22:36:58 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 7269 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 17:53:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
62300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Nov 2023 17:53:08 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7269 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 13:40:18 GMT
x-content-type-options
nosniff
age
423070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 08 Nov 2024 13:40:18 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7269 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 10:48:25 GMT
x-content-type-options
nosniff
age
1383
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 13 Nov 2024 10:48:25 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame BFD1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
4475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 09:56:53 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame DA89 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBDHcbPfCjgH9dWqUHMVEgg&google_cver=1&google_push=AXcoOmSCmDu2gbr-05qTMY62vN9Ri1yTUgXn4bY5vSz8lzYDkjJD5WxymbY_HIhKE6Xk35NC4w8l-cqEMuQIacB4Yhz5MyBTxcMXGA
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame DA89
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBM-OG6sUSLvEAYqu76Um2A&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBM-OG6sUSLvEAYqu76Um2A&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RWFvdnNLMkIxUjJSa2s1&google_gid=CAESEBM-OG6sUSLvEAYqu76Um2A&google_cver=1&google_push=AXcoOmQqU-GwdpiF60zjdeBWGltdkLLU8i02lOCZnJKnyOA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RWFvdnNLMkIxUjJSa2s1&google_gid=CAESEBM-OG6sUSLvEAYqu76Um2A&google_cver=1&google_push=AXcoOmQqU-GwdpiF60zjdeBWGltdkLLU8i02lOCZnJKnyOAjgT-dFZTBk9BatkX6MbDLf9wavhoBbOUkDi52P1WAD75m2aFuwmorbUs
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-051642093d6c37fb5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RWFvdnNLMkIxUjJSa2s1&google_gid=CAESEBM-OG6sUSLvEAYqu76Um2A&google_cver=1&google_push=AXcoOmQqU-GwdpiF60zjdeBWGltdkLLU8i02lOCZnJKnyOAjgT-dFZTBk9BatkX6MbDLf9wavhoBbOUkDi52P1WAD75m2aFuwmorbUs
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame DA89 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELhbNe6SU7Frd7qPLRMdQQg&google_cver=1&google_push=AXcoOmSvKOImPh73LGMDogcT4Ua5VjcbsyPq28vQWqKtdTgauosK4C1VOL2v16EEoZQcjhnI-Jy640YpU1gBdL3FuZ1CBDRQBbxH-Rc
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame DA89 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBebZ0CeWc4VJS77TZyb3CY&google_cver=1&google_push=AXcoOmQH0gvf0sv2opKVkUpnTDFJd-Lr0UsESVnPCkY4prl6M3K24avE4dHbCZjteAO_HuC0m1-CeAdE53BRVvb6ru9RZWoiYk_vedU
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.96.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-96-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame DA89
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPPkTwnWSMg7g85Za8cXiu0&google_cver=1&google_push=AXcoOmT5KVpVFV2WPWFj8mzIqxGTZ1arQj1q-xBo4mr4FuQfmyOowAwGt9OheiYNguJzeUNrFb1vOzr23oV7a...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPPkTwnWSMg7g85Za8cXiu0&google_push=AXcoOmT5KVpVFV2WPWFj8mzIqxGTZ1arQj1q-xBo4mr4FuQfmyOowAwGt9OheiYNguJzeUNrFb1vOzr23oV7a...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT5KVpVFV2WPWFj8mzIqxGTZ1arQj1q-xBo4mr4FuQfmyOowAwGt9OheiYNguJzeUNrFb1vOzr23oV7axvT9LYbaj1eVFnIKJ4&google_hm=aEhZU1ZrWmg3b3dlS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT5KVpVFV2WPWFj8mzIqxGTZ1arQj1q-xBo4mr4FuQfmyOowAwGt9OheiYNguJzeUNrFb1vOzr23oV7axvT9LYbaj1eVFnIKJ4&google_hm=aEhZU1ZrWmg3b3dlSHNmVWJjV0E=
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT5KVpVFV2WPWFj8mzIqxGTZ1arQj1q-xBo4mr4FuQfmyOowAwGt9OheiYNguJzeUNrFb1vOzr23oV7axvT9LYbaj1eVFnIKJ4&google_hm=aEhZU1ZrWmg3b3dlSHNmVWJjV0E=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
239
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA89
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJoMzzr0qXaRwQ3-9Cyahgw&google_cver=1&google_push=AXcoOmT9hHwlesEr4VbVnTBNfuBbKm8JOFKwrf3UFly8wjkWcNg4SjH9dft71MYaJ2VkdVlPMlq4Z_HU_ANSWv8...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=M24NVg__WRVaKUT8W4z3F7Ki0Ys&google_push=AXcoOmT9hHwlesEr4VbVnTBNfuBbKm8JOFKwrf3UFly8wjkWcNg4SjH9dft71MYaJ2VkdVlPMlq4Z_HU_ANSWv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=M24NVg__WRVaKUT8W4z3F7Ki0Ys&google_push=AXcoOmT9hHwlesEr4VbVnTBNfuBbKm8JOFKwrf3UFly8wjkWcNg4SjH9dft71MYaJ2VkdVlPMlq4Z_HU_ANSWv8wZBPz_zpoCj39QWA
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=M24NVg__WRVaKUT8W4z3F7Ki0Ys&google_push=AXcoOmT9hHwlesEr4VbVnTBNfuBbKm8JOFKwrf3UFly8wjkWcNg4SjH9dft71MYaJ2VkdVlPMlq4Z_HU_ANSWv8wZBPz_zpoCj39QWA
Date
Tue, 14 Nov 2023 11:11:29 GMT
Connection
keep-alive
Content-Length
245
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame DA89
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGpC0Sr6hUQKU9REikBOhLI&google_cver=1&google_push=AXcoOmQEEESHYUGjN7SzuL2hsBOjjtL9HzWIxl6tV1O2_orbaGPxPRRfTZk4p3viUMZXrtm3J4YaTXkbaDTO...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQEEESHYUGjN7SzuL2hsBOjjtL9HzWIxl6tV1O2_orbaGPxPRRfTZk4p3viUMZXrtm3J4YaTXkbaDTOejmp5X6Ufpf1SBnPMlQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQEEESHYUGjN7SzuL2hsBOjjtL9HzWIxl6tV1O2_orbaGPxPRRfTZk4p3viUMZXrtm3J4YaTXkbaDTOejmp5X6Ufpf1SBnPMlQ
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQEEESHYUGjN7SzuL2hsBOjjtL9HzWIxl6tV1O2_orbaGPxPRRfTZk4p3viUMZXrtm3J4YaTXkbaDTOejmp5X6Ufpf1SBnPMlQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame DA89 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuwepTd1UM831WqExB2UlT2ocX_UHHEzNgqTJdXmZv_gh8ElYlF92Slj4SbBzHOqVIO07B
Requested by
Host: 436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
URL: https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame 55BE 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: twire.gg
URL: https://twire.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 03:55:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
112557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 03:55:31 GMT
json
gum.criteo.com/sid/ 		2 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftwire.gg%2F&domain=twire.gg&cw=1&pbt=1&lsw=1
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
208501
expires
0
sync
eb2.3lift.com/ Frame 7209 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 14 Nov 2023 11:11:28 GMT
usync.html
eus.rubiconproject.com/ Frame 7CAB 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 11:11:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7588 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
492
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
825ed05d9a109a3c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 11:11:28 GMT
expires
Tue, 14 Nov 2023 15:11:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame B2C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 14 Nov 2023 11:11:28 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pd
adnimation-d.openx.net/w/1.0/ Frame 4048 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adnimation-d.openx.net/w/1.0/pd
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 14 Nov 2023 11:11:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
ssc-cms.33across.com/ps/ Frame E515 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aEU7WKPLar7yomrkHcnlKl&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP010 /
Resource Hash

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 14 Nov 2023 11:11:28 GMT
server
33XP010
x-33x-status
2000208
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4617 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
19832
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 14 Nov 2023 11:11:28 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 08 Nov 2023 05:49:52 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1176, 160915
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230030-FRA
X-Timer
S1699960289.884160,VS0,VE0
checksync.php
contextual.media.net/ Frame BFC5 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUAID4GW&prvid=2034%2C2033%2C2031%2C2030%2C2073%2C233%2C2028%2C2027%2C236%2C237%2C117%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C404%2C9%2C2012%2C2055%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C3018%2C3017%2C214%2C459%2C70%2C77%2C38%2C2022%2C141%2C262%2C461%2C222%2C10000%2C80%2C108&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: adncdnend.azureedge.net
URL: https://adncdnend.azureedge.net/adtags/prebidLibTest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d05600f74535cbc2130209c0e3ef691ee3e2a72bb76aff884328f057aa0e5260
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://twire.gg/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86670
content-encoding
gzip
content-length
8432
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 11:11:28 GMT
expires
Wed, 15 Nov 2023 11:15:58 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
generate_204
tpc.googlesyndication.com/ Frame BFD1 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7DiTuA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftwire.gg%2F&domain=twire.gg&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://twire.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 14 Nov 2023 11:11:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
276067
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 7CAB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e65be173f5cf62dec77af861ef4428935adb07291340a9844ccb23770de1aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 11:11:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Nov 2023 18:53:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27703
Connection
keep-alive
Content-Length
13280
Expires
Tue, 14 Nov 2023 18:53:11 GMT
async_usersync
ib.adnxs.com/ Frame 4617 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
an-x-request-uuid
b1b7573d-656d-46fb-829a-3e33a20424cb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CE24 		2 KB
1008 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
486775f597b863bd85b2c234ee94c66e2ffca402c434ab0ef295d2bb443bcf13

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
825ed05e3da203a0-FRA
content-encoding
br
content-type
text/html
date
Tue, 14 Nov 2023 11:11:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kA7RFN0SAAa28IgkokG6DwsQAqjONLzIh65E2mLq6K0oGsLSCPyNWz%2Bm5UGFo5WePW3TxYGAPhx%2F2AdnM8CM8d2tErpgXzFXkoS7TZT4t3YtaCm3ld87ejh6WqQee%2FTWXxIxNu1N5QeJlA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 7CAB 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
501709.gif
idsync.rlcdn.com/ Frame CE24
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=4d3a3184c6a44799b185fff03656f84d
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4d3a3184-c6a4-4799-b185-fff03656f84d
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=064f3d94-ffd7-4d49-b8da-e7f854efbc34%3A1699960291.7912211&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D064f3d94-ffd7-4d49-b8da-e7f854e...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527451842434&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D064f3d94-ffd7-4d49-b8...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=064f3d94-ffd7-4d49-b8da-e7f854efbc34%3A1699960291.7912211&_=1699960291.7932398
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=064f3d94-ffd7-4d49-b8da-e7f854efbc34%3A1699960291.7912211&_=1699960291.7932398
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 14 Nov 2023 11:11:32 GMT
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=064f3d94-ffd7-4d49-b8da-e7f854efbc34%3A1699960291.7912211&_=1699960291.7932398
content-length
447
x-amz-cf-id
ZzEXRzZQIg1_7NpsxE3qOfz410L3RGjgX2L0qBtwKLzcU9heS5Xn3w==
casale
match.adsrvr.org/track/cmf/ Frame CE24 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame CE24
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVNV3Q3t9Eex1CBZrRTnsgAAFGYAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVNV3Q3t9Eex1CBZrRTnsgAAFGYAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVNV3Q3t9Eex1CBZrRTnsgAAFGYAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W6S8KDQ1H36MBJ6M7ZGC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 14 Nov 2023 11:11:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
00RQW04M5BX5S67XXGGN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVNV3Q3t9Eex1CBZrRTnsgAAFGYAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CE24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVNV3Q3t9Eex1CBZrRTnsgAAFGYAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBfxMY3va6lJgW3-eGPuUmk&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBfxMY3va6lJgW3-eGPuUmk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOVmlUAwpCCM4RNarf7OgPnGctlqn5aySG2OCy2basZuyNDjzMpDBbBi5L8Kp519yADbexn0OiENa0SYwQpIizuiv66ASyXFHTtK8HEmTd2ISoudEhY09PSSkOun9AcvR5ZjX%2FMXn%2FlyGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ed05e9f0e2c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBfxMY3va6lJgW3-eGPuUmk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame CE24 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:29 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-8
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
demconf.jpg
dpm.demdex.net/ Frame CE24
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.50.62.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-62-11.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-0994aa89c.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 14 Nov 2023 11:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
OKPCuT/6Qm8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-0734bfb3b.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 14 Nov 2023 11:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
4NAowGRYRp4=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVNV3Q3t9Eex1CBZrRTnsgAA%265222
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame CE24
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715685089&external_user_id=70bc47d6-6da5-4ed3-91f9-1c2b6896ecde
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715685089&external_user_id=70bc47d6-6da5-4ed3-91f9-1c2b6896ecde
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EYf3lQ2baTsQBsVssJTEp9WJpUc1LDJ4cxIYNfHtnWdMe1xWLmE8wotf5lcuygYFzRkWsyocLcpe6A4eAwtpElGguEBjC3c%2FuNWIZopUn29tjyyiU5PPYBcmUcaV60LH%2BehG1iHlbAhyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
825ed05f781c2c2b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 14 Nov 2023 11:11:29 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715685089&external_user_id=70bc47d6-6da5-4ed3-91f9-1c2b6896ecde
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
pixelSync
pixel-sync.sitescout.com/dmp/ Frame CE24 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 14 Nov 2023 11:11:28 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame CE24 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZVNV3Q3t9Eex1CBZrRTnsgAA%265222
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwire.gg%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
18122
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
825ed05e7afa9a3c-FRA
content-length
43
expires
Wed, 15 Nov 2023 11:11:29 GMT
6
m.stripe.com/ Frame DEEF 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.73.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-73-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8c518ad01f7e216cb4e63409658ca7fdb522ada3a923cea87d8c0464dc520c43
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 14 Nov 2023 11:11:29 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1699960289157334
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
5
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1699960289157010
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=3003470240693621&bg=!AwClAE_NAAZxrfrxUa07ADQBe5WfONzvpF7mwCjmPjSCMDjnwrwOa479V8D3wlcTM3ClUY8NrzUU5525opFsUEmzGgmAAgAAANVSAAAABGgBB5kCr76ZN-LDEXGZ5HFRE2irT28X_WWYxEPMp8EGYjdI518fjKmscwHcPeEV1cjbk6i2OFLo0y8icIJr8ebxqFT7M0FPK3SUQBBJ6xzNVIbHg8KA4XxvB96X8AWDXOIuUL4dA3mtYwVpObSg6bcsw4kbyIJ0C8n1W41whPTIQQbOQXJq0K_lDsSa_TiDKIC8ypEhXAOkpX4dWHAtwo96bE9jEW9QUDESAFUTOd24egjy6FK8SO7lDlDMr7p__Tp5X-ev4W4DNs7AfWwZl-R460KtKoSxQ54wWS1s7qrhvae0NANV-KsRtgMBRFBVn-qtdQg76BMP7W9Y0_95czgQqLDiq4Xcg_LEVnWhN_-2sPZQNuWM02_Fz4r7QXuzYGi22XDLNWENq4gz7dvLTvcYxfG3aHhgKCQXfgogEtgSdPvP9Vvb423zna65BsK_zvf202R79W8H10oolVlOMcVatZlEzpkK1MmvK11DFDlvooNUKK1i1rOYrCzF3Z8YzjKmbQ_TkDVcmpgVkfTKBExIFNlT-umTsTmWtwFpHfAtSsRRWCYKb9bshisANNSXXH2vdPYNOoUnwgHbRwrJdXrOuJPm6xx4Yea3sT-yuJd425Yv8QocPgZe9NPAAhR3a7zTQPoEKWeJB65A2y4Uh_OB59vbdyCM7bDsUk-ejkIyXeNLW1xaYB44is6nJwrth-26fzFsfFDb_l6Uywd4t4eRqeOX8OUc8g3Zoxon-udCp1VtEzFqjnc1a4x-RAvo50ATzqXlLo41GrH6Wug8Cl1kr_ws0uSaEtE2vnqqNjjEMeTtYsZp_FSxHIL5Et7nZAl-v66c3nb-BGkA-AR0vqvswbSiMPHtWAZd7LCt_K1MKNwdo70GzkJrCYULIkCb7uuPRdplBwReK5BInBlehpanyhVg0w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 4617 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:31 GMT
an-x-request-uuid
393d0161-6820-4ab9-9080-e9b172828d97
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.139; 178.162.209.139; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TGS0SKWZ8C&gtm=45je3b81v875074973&_p=1699960283130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1383128441.1699960284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&dl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&dr=https%3A%2F%2Ftwire.gg%2F&sid=1699960283&sct=1&seg=1&dt=All%20about%20PUBG%20Esports%20%7C%20Twire&en=page_view&_et=1295&tfd=6940
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGS0SKWZ8C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P0G2P3FQKZ&gtm=45je3b81v9101290881&_p=1699960283130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1383128441.1699960284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1699960284&sct=1&seg=1&dl=https%3A%2F%2Ftwire.gg%2Fen%2Fpubg&dr=https%3A%2F%2Ftwire.gg%2F&dt=All%20about%20PUBG%20Esports%20%7C%20Twire&_s=3&tfd=7308
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0G2P3FQKZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://twire.gg/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 11:11:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://twire.gg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/languages/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/653fa0ef1ea/languages/en.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/653fa0ef1ea/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twire.gg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:11:31 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
440240
x-cache-status
STALE
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Oct 2023 12:28:40 GMT
server
cloudflare
etag
W/"7f37a030886ec7fce1d065ec482789ee"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
825ed06db94f9196-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
udmserve.net
URL
https://udmserve.net/udm/img.fetch?sid=18948
Domain
udmserve.net
URL
https://udmserve.net/udm/img.fetch?sid=18948
Domain
udmserve.net
URL
https://udmserve.net/udm/img.fetch?sid=18948
Domain
udmserve.net
URL
https://udmserve.net/udm/img.fetch?sid=18948
Domain
udmserve.net
URL
https://udmserve.net/udm/img.fetch?sid=18948
Domain
udmserve.net
URL
https://udmserve.net/udm/img.fetch?sid=18948
Domain
udmserve.net
URL
https://udmserve.net/udm/img.fetch?sid=18948
Domain
va.tawk.to
URL
https://va.tawk.to/v1/session/start

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| documentPictureInPicture function| gtag object| dataLayer object| Tawk_API object| Tawk_LoadStart function| fbq function| _fbq function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackJsonpfrontend object| CleverCore boolean| CleverCoreLoaded object| google_tag_manager object| google_tag_data function| setImmediate function| clearImmediate object| regeneratorRuntime object| AWS function| Buffer object| core function| onYouTubeIframeAPIReady object| gaGlobal string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| webpackChunkStripeJSouter function| noop function| Stripe object| aniViewScript object| styleElement object| enablesSlotIDs object| myAds number| PREBID_TIMEOUT object| adUnits string| deviceCategoy object| googletag object| pbjs function| addAds string| css object| ggeac object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apstag object| apscustom object| pbjsChunk object| _pbjsGlobals object| mnet function| ha undefined| google_measure_js_timing object| google_reactive_ads_global_state object| Criteo number| google_unique_id object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| ID5 object| __id5_instances function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| signal_decrypted object| __uid2SecureSignalProvider object| __uid2 object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo_identitytag_144 object| _33across object| au object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 number| refreshInterval object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| GoogleGcLKhOms object| google_image_requests

66 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARC_Fg
twire.gg/ Name: i18next
Value: en
.twire.gg/ Name: _ga
Value: GA1.1.1383128441.1699960284
.twire.gg/ Name: _hjSessionUser_3175073
Value: eyJpZCI6ImU5NTU4YmVkLWE3ZWUtNTI2ZC05MmMyLTk5MThjNjkwY2YyMyIsImNyZWF0ZWQiOjE2OTk5NjAyODM2ODAsImV4aXN0aW5nIjpmYWxzZX0=
.twire.gg/ Name: _hjFirstSeen
Value: 1
.twire.gg/ Name: _hjIncludedInSessionSample_3175073
Value: 0
.twire.gg/ Name: _hjSession_3175073
Value: eyJpZCI6IjYxNGU1MTY0LTljOGQtNDEyZi04OWY4LWVmZTBiM2M1MjYwOSIsImNyZWF0ZWQiOjE2OTk5NjAyODM2ODIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.twire.gg/ Name: _hjAbsoluteSessionInProgress
Value: 0
twire.gg/ Name: clever-last-tracker-69340
Value: 1
twire.gg/ Name: clever-counter-69340
Value: 0-1
.twire.gg/ Name: _fbp
Value: fb.1.1699960283727.2063502979
twire.gg/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bet365.de/ Name: __cf_bm
Value: 6_ZJ06N_.gzJLFvpEuFpv5PinvSyyIsWddji1mYsbgs-1699960284-0-AX85BpcL/J20JhKsL54kjMOIiZ4zaCGbTqv2tPzqqZcuY2sK/pUw6A0FU3748u/riM1EroHKnl99N91ZXWjQvo4=
.rubiconproject.com/ Name: khaos
Value: LOY8GMMJ-S-7ZJ6
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqcqEMZgQvo+S+IXqvPVzt4X6LBWwGzep07cZe5xyGZWdSzRMrBlJ1RJhEm/LzickBIHHY/eKfzMzmktARvWscKIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
.twire.gg/ Name: _ga_TGS0SKWZ8C
Value: GS1.1.1699960283.1.1.1699960284.59.0.0
.criteo.com/ Name: uid
Value: 55a158a8-0d1c-46b4-94e0-d992aa19cb3c
.twire.gg/ Name: __gads
Value: ID=1373588c97a44752:T=1699960284:RT=1699960284:S=ALNI_MbVCRihx5NebOCZmKr-pGKkVAhIBA
.twire.gg/ Name: __gpi
Value: UID=00000cc3b19f9a02:T=1699960284:RT=1699960284:S=ALNI_MYDgirx9h9G6blNImIz3K_TGeFAcQ
.openx.net/ Name: i
Value: e52eb823-33c3-4aed-a86b-276d8f8bf9e3|1699960285
.doubleclick.net/ Name: IDE
Value: AHWqTUmRI2pnfoWfx_ih7yUiJOO18OCLIhNj82IsRmaTLSxDv6MZJd-zDkBFP1Ea
.casalemedia.com/ Name: CMID
Value: ZVNV3Q3t9Eex1CBZrRTnsgAA
.casalemedia.com/ Name: CMPS
Value: 5222
.casalemedia.com/ Name: CMPRO
Value: 5222
.adnxs.com/ Name: uuid2
Value: 4184811109427694482
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVRvU0d`!]tbPl1M>e)ZlrFUfJ+tGXxo7NBrfE<C$'CBDIsQ<Z!7=<Sj3AOyzRuF65C33If)y3KL9D3I?+?=/=<d
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi6G0dYjrXuLWWkFcceFW9R1Mid1Wz1q-1z0qrNLp8YpP7vwEg
.udmserve.net/ Name: dt
Value: CC87B0D6-17FF-3323-8747-E80BE86D4343
.doubleclick.net/ Name: ar_debug
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 4c5ca3da7a92cdbb
.udmserve.net/ Name: udmts
Value: 1699960286.0
.awin1.com/ Name: AWSESS
Value: 357526:3266505
.awin1.com/ Name: awpv11601
Value: 113440|1699960286|8d6b15a0-82de-11ee-84cc-223908f3a6a6
pb.media01.eu/ Name: ASP.NET_SessionId
Value: ldwsb1iz1wp1mpcptyqtiscb
pb.media01.eu/ Name: DTU
Value: F3EFD2291672120C58258BFAD6F23E49
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1699960286752,"clickCookie":false}}
twire.gg/ Name: twk_idm_key
Value: TiWw9hP-rpJxUODjklfWD
.twire.gg/ Name: cto_bundle
Value: MzaBIl9ZWXlrY3ZUQmp6U0VzVXg0UTNYMVFSV0ZZam5xY2sxdkVLZyUyQnFVNklQVUJ1cEdESGc5VmlMaXklMkYlMkJwbThGQzNXWnF1N3pRWFhtSDdpYzlnOWhGZDJRdEdJV0tHZkNqQlN1S2VnNUJmQWslMkJuMEgyMExvVmhEcUFhcTcwdm5TOCUyRlZBMFRYNUVOa2VUU3h0UlI1eGFwYXZRJTNEJTNE
.twire.gg/ Name: _ga_P0G2P3FQKZ
Value: GS1.1.1699960284.1.1.1699960288.56.0.0
.w55c.net/ Name: wfivefivec
Value: EaovsK2B1R2Rkk5
.w55c.net/ Name: matchgoogle
Value: 5
.zemanta.com/ Name: zuid
Value: hHYSVkZh7oweHsfUbcWA
m.stripe.com/ Name: m
Value: bd436d7a-10b4-4af4-8a84-c4e41fff864ef4bf7b
.twire.gg/ Name: __stripe_mid
Value: 738f9adb-a71b-423b-808b-d1f7749f04415adb57
.twire.gg/ Name: __stripe_sid
Value: 4e671b9a-789d-4967-a2a7-1d430ee92944d8a52e
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-336e0d56-0fff-5915-5a29-44fc5b8cf717.bQBwRV0mIo%2FlmMdZUMACcoZxsWTw2jV1VBTKt0GPBjQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-336e0d56-0fff-5915-5a29-44fc5b8cf717.bQBwRV0mIo%2FlmMdZUMACcoZxsWTw2jV1VBTKt0GPBjQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AM24NVg__WRVaKUT8W4z3F7Ki0Ys.9hlKZgPckXzNGaiJEcAwsq6kXPSLJPM4N1QxXk8F08A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AM24NVg__WRVaKUT8W4z3F7Ki0Ys.9hlKZgPckXzNGaiJEcAwsq6kXPSLJPM4N1QxXk8F08A
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDO-WQ0_wH3PD3SvjJcfmmPwDz8lWN12UKNoD5HwyPaVEHwYBCDhq82qBjABOgRzygDyQgRjh9WK.xUKRwqrKUyVlnY0NVa6V7AOce1%2FWnowDnLiwcmeBsT4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDO-WQ0_wH3PD3SvjJcfmmPwDz8lWN12UKNoD5HwyPaVEHwYBCDhq82qBjABOgRzygDyQgRjh9WK.xUKRwqrKUyVlnY0NVa6V7AOce1%2FWnowDnLiwcmeBsT4
.demdex.net/ Name: demdex
Value: 77508769044325508292099081768720200191
.dpm.demdex.net/ Name: dpm
Value: 77508769044325508292099081768720200191
.company-target.com/ Name: tuuid
Value: 70bc47d6-6da5-4ed3-91f9-1c2b6896ecde
.company-target.com/ Name: tuuid_lu
Value: 1699960289|ix:0
.amazon-adsystem.com/ Name: ad-id
Value: A8wJp7WKjkZhgt1UsTusODk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.liadm.com/ Name: lidid
Value: 4d3a3184-c6a4-4799-b185-fff03656f84d
.rezync.com/ Name: zync-uuid
Value: 064f3d94-ffd7-4d49-b8da-e7f854efbc34:1699960291.7912211
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjcxNbQwMTIxNhHiM9R1LUs3N7M08olPDHAGAMG9kAIlAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRHAIAgEwE_aISN4AS_dxCCFWLm7-4rmqJ6EVGUIEpQ58pMVNR6smn_Hq07Sm1HvoJqpHvjP0486AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjcxNbQwMTIxNhHiM9R1LUs3N7M08olPDHAGAMG9kAIlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IsRGAIAwF0AmsmCMegS_hu40YMpClpZNaemf53pUsN0R1QiLcBA7K6H7ItOgbZoyzYtdGsuVCXY1aiuqdli8JPj-_dC2fEloAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNyk0KgzAQBtC7zNoUJ375mVxG1EwgtNpi7Kbi3evywTtp_Oi-TptuB6Vj_2pHy6veapROavW36pMSOQZcjM4GOI6wGEBXR01bq-9trPk-vUcZssCUkoNBhpg55sloKNFBy7wMSOxFxPdW-BGErWWm6w_ItiZL.ZVNV5A.fspc2FWHvAEX5pfLidEOJHbDkHg
twire.gg/ Name: TawkConnectionTime
Value: 1699960293011

21 Console Messages

Source Level URL
Text
network error URL: https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/274e3e86-6ccd-11ee-8694-064f26ad4164.png
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/50c74f4a-73cc-11ee-b335-4a0903289e86.png
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://twire-assets.s3.eu-west-1.amazonaws.com/pubg/tournament-logos/2abd2a8a-613a-11ee-8f18-064f26ad4164.png
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://members.bet365.de/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
javascript error URL: https://twire.gg/en/pubg
Message:
Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?sid=18948' from origin 'https://twire.gg' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://udmserve.net/udm/img.fetch?sid=18948
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://twire.gg/en/pubg
Message:
Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?sid=18948' from origin 'https://twire.gg' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://udmserve.net/udm/img.fetch?sid=18948
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://twire.gg/en/pubg
Message:
Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?sid=18948' from origin 'https://twire.gg' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://udmserve.net/udm/img.fetch?sid=18948
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://twire.gg/en/pubg
Message:
Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?sid=18948' from origin 'https://twire.gg' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://udmserve.net/udm/img.fetch?sid=18948
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://twire.gg/en/pubg
Message:
Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?sid=18948' from origin 'https://twire.gg' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://udmserve.net/udm/img.fetch?sid=18948
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://twire.gg/en/pubg
Message:
Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?sid=18948' from origin 'https://twire.gg' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://udmserve.net/udm/img.fetch?sid=18948
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://twire.gg/en/pubg
Message:
Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?sid=18948' from origin 'https://twire.gg' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://udmserve.net/udm/img.fetch?sid=18948
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=064f3d94-ffd7-4d49-b8da-e7f854efbc34%3A1699960291.7912211&_=1699960291.7932398
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

436bbf9f2bd48497675dc40fe41fe9c8.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.ad.gt
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
adncdnend.azureedge.net
adnimation-d.openx.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
call.cleverwebserver.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cm.adgrx.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
dclk-match.dotomi.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
embed.tawk.to
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900018.redintelligence.net
hal900028.redintelligence.net
hb-api.omnitagjs.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
invstatic101.creativecdn.com
js-sec.indexww.com
js.stripe.com
lb.eu-1-id5-sync.com
live.rezync.com
lp.cleverwebserver.com
m.stripe.com
m.stripe.network
match.adsrvr.org
medialead.de
members.bet365.de
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pb.media01.eu
pixel-sync.sitescout.com
pm.w55c.net
prebid.a-mo.net
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pv.medialead.de
q.stripe.com
qu2qygng5zf4zbzt6j3wesx6fy.appsync-api.eu-west-1.amazonaws.com
region1.analytics.google.com
rtb.openx.net
s.amazon-adsystem.com
s.company-target.com
script.hotjar.com
scripts.cleverwebserver.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sender.cleverwebserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync.srv.stackadapt.com
tags.crwdcntrl.net
tjjkdyimqrb7jjnc6m5rpefjtu.appsync-api.eu-west-1.amazonaws.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
twire-assets.s3.eu-west-1.amazonaws.com
twire.gg
udmserve.net
ui.cleverwebserver.com
va.tawk.to
wrappers.geoedge.be
www.awin1.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
udmserve.net
va.tawk.to
104.102.45.165
104.18.35.167
104.18.36.155
108.138.9.235
13.248.245.213
13.32.27.113
13.32.27.54
13.42.237.35
138.201.84.252
142.250.181.230
142.250.186.130
142.250.186.166
144.76.91.199
145.239.193.130
147.75.84.158
151.101.193.108
162.19.138.118
162.19.138.82
172.64.149.180
18.170.173.249
18.66.112.99
18.66.122.109
18.66.122.113
18.66.147.120
18.66.97.10
18.66.97.2
185.89.210.244
193.0.160.130
2001:4860:4802:34::36
216.52.2.39
23.215.22.18
23.218.208.23
23.218.210.30
2600:9000:206f:5600:19:7d10:bd80:93a1
2600:9000:2240:a800:2:d490:4d80:93a1
2600:9000:2250:6000:a:e047:753:a221
2602:803:c003:200::41
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:1983
2606:4700:10::6816:3556
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:4400::ac40:919c
2606:4700::6810:5514
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:13::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a0b:4d07:101::1
3.5.64.47
3.69.152.80
34.102.146.192
34.120.107.143
34.120.63.153
34.149.20.76
34.194.158.92
34.96.70.87
34.96.71.22
35.157.231.21
35.173.16.30
35.186.253.211
35.190.39.111
35.244.159.8
35.244.174.68
35.71.131.137
5.226.179.19
51.89.9.254
52.10.73.64
52.19.8.73
52.222.208.154
52.46.130.91
52.50.62.11
52.57.96.192
52.7.163.13
54.155.236.110
54.187.159.182
64.202.112.159
65.9.66.122
67.202.105.22
69.173.144.139
72.251.245.181
88.198.250.30
88.99.165.19
94.130.102.164
94.23.99.218
98.98.134.243
99.86.4.36
99.86.4.39
0063c2f012180ed77f6b0e766972ef32e6b29a7a680ae2664b26d9e0128c1271
02297ed4da6d17c6d89c903a6bbf2980353e77467405699e03baa56db4cc8650
029a7bcb251af1d4513838175b2196ab925b083ab4ecda64a4af7fd8d9643d0c
02eeeb46f47a84308caf029a8734b064447a0f52e01b30e56fb4d73d2228d150
02f91e80fd844289990926d8c44488dc5c8eb82aaa2bedde5a708422879022e1
033a416ecc30a516c54c6a0fac2d212a38fb051e5976cda49eb9d22264814a66
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
041b60ad0c80f7a56235df90fb93864fdaeb95bc69f3dc1729d0a2e80d725593
048113ac1aa883dfcb151ca3e9005b3e94d00a53350f25d16091974d0e76a250
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
061c8060ee3b26deb43f521fa58b05d4c6379a9b3be49040d430c5a21a8892d8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07f03e8521ea0d72b92d873e2485531de3ac8e695118567c6acedda121e54d81
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
09742fe463c9beb1bf6472ff9bf2f5d7b22b9524802f7ea94c1899a14098521c
0a3b8ae602fa889bd93307fa6fc1917791705e7616815109d501a9784f0af618
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c4ab72c4808a9df33e1706dc9a971c2d7764923992277655a2ab3ca2c2acef3
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d702577b2fe76112fcf084b1b6a7ad835028f9e1ca9b88beed6348375516e42
0e65be173f5cf62dec77af861ef4428935adb07291340a9844ccb23770de1aa7
1092b288c44dc34db6071ed4d4c8f9ff74939a3427bcb28a48c0d5dcc19bf592
10befde33d62a97dbd5a84ce9b644691a3e540ccbc54d9f2413ac02821ca0280
10f2ada9b28ca8b3fc2deb7db2510406a9e57fb8eec6e9357d5aa32d16383698
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
1111ba75630b2133e6a1c8c8c9b29e767ca0892ab515d2b2c36a96e721836225
118c82ed7185b92b9e5958d9822baeb6e92ee43ff5e32b3d5d9f75865d847988
121ce1fd6ee2cb454702b3995302faa16193f3eaa51ece7c7470371b6718a7f6
13915f69c62ce808f8cecc372dc6e4414d782ba9a644c37ac1b9c138fb509216
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
16749b52418a9e9c3668db94ed965b00df682d190713e5bdb5efcf8cb5f3e7c5
16b636bb797e94f82866b806be745b3a868862bd593affc90c16b79faf907b53
16d9891f437f2291f41ff75685d11e9bc4ccfa24a4d97b8ff951b92104fd1473
1768f5ce4bad46f4907f598e6097e6e1340500f4d7d75a76266f3e6ab9463d5e
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1aef6b6a9e20ca92d7671e944fe5166e35012af52f003b02d75176279d7da8e2
1b6995e8349679d5a2cced78a0dd1c8e3cdd06103da575cfb1164be431495e11
1bae12f938f1ca388e0ee3aee92518410cb1ac5f5f877564f32aa651d6a02ea6
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cb730eaa1c1cd6bc869e6732f2d4aa9a746c314e93043defb571b21f1e95c30
1eb3f5c89868deb5a4deeb8a9737fe60b12e4e9c0a32eaac60fd2ea9979e1596
207841ec5c21872b4695d6941afa101c6f79dfb9b15d948b0f21be7f541db7b1
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2477947e77bb948ef86cb677ee6ac9332641d29ac3e216f894a3600209a3a798
2485481e696576d8e87583e6068147bdf7cd377e67397d194bd0358b4a6f1dd5
25084fe9dbaf744d6b75a4835140317a965b0b1b69e11eccccdd31ea9d08d65f
25487f7aa91f115d558f031ffaf0d399924b032100d24d467c3bd1cb026d9001
255c45e1c58d93291352e74bb85181b5380e9f860739d25d6755fc9c9573e2d8
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
26327e926acdf349a64147af84c8c838040ed993b55384c616a0983077ec1214
272e061f483042f2a5bff48c3ff824eff809aacfd7385a54645a2a2385ebcc11
2754748402fe794464bd2d2ace05db1bd2b86473bdb42dec5d4608ad4d076aaa
2c4f1efd8ec20b1a4dea1ea53efd43a6eaa9d8ff58a81280b7711fb5dce151cf
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d97f60c7471f1b7cf1e6a945d1d380dc12fb30bfb7bc7fa0986d415300483f0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e168784fa46cd4d5eaa9909c90cf5c6a2e3e82c633acd332fc592d3b9ec1480
2eebd4e0a1d80c6d521227b9f99c408ffa16a183db47b24f051f88d3a1f86c69
2f4f59c555ab2256240c7a3d1e9ed1cce7ed40cdcdd7800a68722c23844d63a9
2fb619c975da3a0261a54e5bf912cdc2f4007e4cb4cc04a0913d9869e3b92238
315a44f8e051f7e56b987d0c2b1e346843f646d146cdf1c54bbb5bd96cebc434
3162c67e01704d06fd77d78fefeb5937fee5f4ee326d369da13a5b25b75db16a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3318fa487719e51889a7dcf020018f2352b77b8e0de82f9d867ee2d522e61e73
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a31522c9e0f219853289e55fbdf8ff8b37e2ad72a6a3f7044e8aa0a03795e1
37e4f2e779cf4b5ed577553219d2859da20bb1f4fa49f19e18bf69fab3c7a638
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
391734995276c705320f4128fb5479b2f3c8e308bc19637e3912db8887fbd7ae
3c24fcc82d47cfdd47b6d5051a9fca1e8b8416f1570b85974a4fc42e8fb4401d
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cc17c5f71967733f20608b5e0a972eaf6d6c1d8724674321cb25280790332da
3cec791016f6953833b54fd9dc33c877a9b74290cf57da24acc9a58d803d2fec
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f57ccd907914fcb6a682a676f62ac6d9911e4235562e17c9deeb7a3d341047f
3fb09d8dfa98a366b6028bd580a7768cfd1401fe4489816f45b0e3a41b73f817
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4212de2981b28f1fa76a6c1b88a8b2219c8998c7f0c3ef22ff6e7f82a63c3f1e
425dd458f45b5fffb1c1b58a3afd6e0ab79b0b695ff5c946adeaf481a0893382
42a726b720a08323e442331a9a1ab4a9028a708852d293c09925e2ed6b5fca56
42b5db1ae2f95cda3c7b04f2b1403181a9578dc3f3d67bf351702210ce94835e
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44dec5526c39ca83d4e0a78f6f0eae745a88c0d28b871e12e08a60d099f69815
452b83a32814a3c71942b32c135b3ffc72906b0b723b9f071046414bbf1b5eb5
4632310b39a7302b24ff20a0af75dadb2a42cabfc6bd7016778aa5ef1aae8616
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
464ee4c87c40a60321e8c1a9ce2a1850bf71487c4073c0a188859fade4a3a0b0
465469e71c9e5929639cc6beef2ea4524fc7cfacd80c5e1fcd4df2eadc49dbe4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469e718efaeca9adbf4cf853c1f3695435a83177a30f9b86cb68550cd50fb7d2
4747776ed92a8aa0c6b7c680d10c3a1d393a0487ace798e047d2a1488b3a209b
4751c1c35ef1c500515f2dbb4075bd432acc0a933832adcd86defb01616012d7
479e2cba557cca405ff250e97cbb9ce14f417d70f391ffa95dd5de7b8bce3c0e
486775f597b863bd85b2c234ee94c66e2ffca402c434ab0ef295d2bb443bcf13
4ac965d25ef627b1893dcb895281aa7d1ae3444f5b9498e60ecb2204b14f4c52
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c08f2e7799b9072079184cd449e8f090e124fbaf13c38528a775d898ef26dfb
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e206b563d27b5a7a3f7cabf944d6d278e6e8640018a72ce7b7ff989f1396df9
4f2398b06e4d91da67215e7361fd989b573ca142fb1f540cb814556534387b82
4f7fb3df41709ac9f09cf7d6aa14502f215374d936f1048ecd7b5c66ea9dbbd9
4fc9f06e5be2e5ba9de022d7fea9175f0f5b9c1c7591abf5ad8e653d18b495c4
5123aab7250c4951322ed4f6439a673c9610ebeccc393fbe28e06b10c03b58c6
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
517c5f4bf739fb7d6f1198a30055b2042c817ac159beb202ec1be0c06128cce3
51e3f9911fe5c56a5e4fb256ba68317be599a614ce258650dc4cf15322b4fedb
53d2445e82b5abfeb2a5b4f3fc30c9bec4fc92ead2423fafe5871e7457d2d160
54234ee178ff4e627c78c241034f0a3f5eb4ec4ae37b40b8b1209090985257a6
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f6cfee5602fbf95013f492ef828b4563276573fbe92452a43cba45d5e60c56
5626545274de6de8e4e2c0f800b7b664bc3521f0ee9bc98547f3cbec3effe2d8
5777efb24d4cd52355d2028d75a7125059ec35721e781c2727235ed45652bd6b
57ae368608340dd82b53d909b43d0a563b9b48614c8553d21d2382b8407d87bf
58878384a25530a6b2f771d1956daef366585f69018f0bec2b965fc6f9b52b72
5bbd6854e9ed99d0999bc1ccdd606805c23463a2c485ec2d28c2266d7f5df4ae
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5df2fa7fd62d8dca0e164d3512c88a4b0b911af7a9f465f2509ea8528d8c87b3
5e28c52bc74fd27437cb09974e84361338c8b361d668ab5d2ed988d91e450ea5
5f539cefef8c2dffd1d82ef8e9d499226855c43ff57115352e463de4ce1a1d29
5fd572411a9aee979e2dff8cd706c93e67a68261c8ad07c8dc0759b65f93b30e
60a39d3cead4ccd9ae8380178da5f85e4d81967d9347a606ba310d452fcf6756
613701d292a2b02cebedba592060bc9e955d1d816be4790cfa6a1f76f33907c1
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
62906328092ea4fa14e7d22b1e448868de3bd3832868b7436e7d0e821e30ccb9
640f2390f889c1d688eb239b03e725c2ff07aaf0cf79db3725b70031986bb50b
646c56f1c9e5c238d0b487e84af18af5139a8d3cc9f3e839ebdcda3eb878c52e
665a3f4219f6d31879f104c3164cfa48e96b10de990aae74329eb6bb467d56f5
674adfaa217206823cc25c1eead4d36e09d7db7cdc4c9d1a35194efd27226b59
67d06347d40d5974130902082bd4cb236bb29e54fb9e94c79e54198474106dc9
6be601b04cf6cc03c16b4a1dce5d92f7e090c3711ad2c2714a21570fc4038b77
6c5267cd5adb0bbd6dded0996c8c34cd750122dafa137ff7949269e6505effc5
6e6aa7d165924c00e7e3d1ab6e9306e7dda76713e0670ef6c4a28776161332fe
6ea5b4f5dceb524731d6afad4deeea3868c8e9ae8c21ad31281a0b799a7eb978
6ece948d62a4eda0956596f1b363e8ed2de06d1c66c92ad021423d2ae51e06ba
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
71260d42a9f8108fe9f82b882a7145359eeaf44d0fa3c6121c4dfb1bfeb92ee4
7246f2abef9b0f8238a89c5a1e68209e17b51937f4fd210fee91eea3c6fbe7ae
72821928d50858a5770b1e950d7f02d5ee9ca751cae5de1735ec6db86efe0857
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75365a0513ac76806fb8f59af9df5d3002c69a3341b0afc1c80f364541b35d42
758cea4782f8fa93cbdc144859b3fda8cf28840bd7fa6d3aa67a82564ad223fe
75b11328827bb635b369ee1f4c8e9dad82b7b609d5bfc736d8ce1994a6f4c03b
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
75b754d526ef26265fa0f7d4ad271c17f57c00ae80076eac46aae9a03a80d847
76cd8e6d409510c24e338edaf835562468aa04992512d126d5c7f9709c16b5fa
78278b5c1f2b851af38fe569a9544e265d53a0c0b6f592bb5117f9b2f40c556b
78dd37d36207e7dcd5b22df5f4c153c20ec1c4665c48ba018f6831cea19f941b
79edbeec24fcf4e7a7f4986fec681b558c0d55aed123c49cb2d998b7f85b88a3
7adbf6e90d18c59cd6b68f077cc05b99cb44d953e336fd1400a39630e2e92e48
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c3fcbdaf7baea9cbaadf75cbe17eec5fe82a7b0c9b1511e7378cabbed998b24
7c4a4ae47218fe6ed46b93487efcb6c7bc3c64000224a39a2c32357f4e5f0097
7d24331b9ebae99b7c1a4f488e97e823f7efb8a4a9088911b8974dbbb9b34675
7f8cb4674f17ad081e523d4c30aec4c7467889fded4d9b129cfbaed1cebc2c1d
7f9ea849ddf908de55efc70e0081034bd858ac57ebf83111e81dda7ec69a2878
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
809fe664331ac3595eb7325295d42c43584df79fc140bcd2f48359b931f2753f
81359b742e424c97705d13f749a41c6c615e0cc946aa1cff2bf1a15fe470b434
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81fa6256a9407da6af7ce43195d600cddc57cbc2230bf0519c3a6b5838673594
825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e62e4e13c01a465e99e3936f4045109ecc591441f71f9b2b1769367cb9f8f2
86e15e529c30552622cd4da11829d7fa986d3639e8c2bb978cc999779a89636c
86f64fe60b59830dc9669ad13778995ee98117652317d94e357470288b95d8ef
87b03660c966dad56aaf31912dc4532dd9d924dcaac2d20d63c59c7485cf1d7c
87c0dc80f4f650aea2f16ba7b3b8aca13b94f4f876d91bcf70de2141643364db
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a2e103dad18e6ba8d566f4edf15716a4a22cb1854182b9f13e768011e245741
8ace528e1f41f22c0c2c12c3e9547f1895248b65c1aa5bc8b3bea218f7f0861e
8c518ad01f7e216cb4e63409658ca7fdb522ada3a923cea87d8c0464dc520c43
8c94de205aa27277f9b252832125105a71fb66c53d31516e271daec285743b48
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1a8d02505b47fd6a3a0b11f188baf8cbcb165fa39ab7cd0426dd1ea3f15588
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
925faafb3587f612ecc0b56301e323e5f023c2d1d484ccd3a9ddc5a9724af342
94116ffd05cb12fdef327ec8b10d68b48e1950c1bb61122aa53cf5b876714589
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
968041f897626b49023ad546fc20c96b529edf127da5552a2fcd22650d5d853d
97260d3e031f669f4d945873d3ec99848fd9b7917c1e5b7bc67830db215be772
9730f932aa42c2506c0f92d4e9e32392fc5b4a01bd968da4311e1f614ed50d8c
980aaab4d8045ba522cf21175206f19ab377e582349e45bc1d9b2038f3761433
9857ddef881abf3c6b38ed88513a1c281d7d83792416a72d1eee20fa08ac8762
988a40deb30ca96a0db8ae7beaaa1bd27e94b484f10bf811384fc4b89dabf066
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cafa5608f31280ec339b47e68e48e10dbd6838405ba3719db6d7a9c05566281
9ce13703e8a31da725f88193a9b237d35ae862540597827cfbe1c9ad6f343ce8
9fee2f4deacb8662b7482f426e76ebacee4c94037f2e410e9ae559c718d497a5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a603b2b20c78990ff3b6b9e99a5d303b936d8885950ced8135df87c23eff4f20
a6b8586c578efc1d4979e6ceb4a26ef835919fbe508cadd853d9e7c37bf6fcbb
a7cdae9a6c33e2f3aa1cdebb00a758f5d374fa5fefa5ca5417f77e00243b98f8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab3d438837b7f1c4ebce6980cc9274cd2e6adcc8af9be6f5cfc47ef2c4c464e3
abdfa3848f7a4fff604e12cb77934b4e95d0febad87d6b0eac84acc7b18591b8
ac13bccbe12484a3dd0e5ee56b867858796f218043c8532d34d9e547750a5f8b
acb0b2327a4ec8511fb8baa1934db113c6a16249d1b4405c37a19083bd3a3818
adb13a7bc0ba529263b371bdca359d4fce523479c5faff92cb59609e35dfff53
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
b04127696656d3aee3ac55da9869ab39d650be102797a4c71d2803539ae1cc4d
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bb866e0138d354045038ee9ee44022b5e2d8db530c2a1fe364b61bde1f4bdd
b207c848b4d580cf8a3ed4d74a3dad2a5a45b4fd618b94bf0be91f186d0795e0
b2728aa1c71b950cfd17ea8c387fc4c5dc0aadea367d706df3a4060d8e9c426a
b2f9d40677eaea428eb387e6eddf9d171187e9a7a6fc23865fea6652a11f9a5e
b30d7aedc7504c3afb76d8a0911a72b9f7a9a77513b5524f12ecb35cf1afe596
b3120ae4d2b9fa5abe1421a5319cce0f067445b751276b43b63dda0dafb9ef61
b4f230269822236113ecde61a3f6c70dd08fff83314467021aa058d6e1f6d2fe
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b57e305442d6fbed80ca4a0cf50e79c40d2042f8fbe1288d12c8210b10074939
b5b711ea4fc517f0510490262725423aba86512e1f3680ee09ca5ffc03c6cb4f
b61facd86cbcd4fa6cf680d91d3709e5bb28af1af595e465ba35c46eba647ee0
b63402b63b0f1d97b0dc728f332ebcbf65d4ecbb5c9a5b6be9196b8ca522a184
b6e1638fed49905e67e6ce5b1974956e4d1c6a24ffe1b37fc7adb070e46ee0e8
baa21fe77fd113e4b10fac2adf4fbcce0dbc0b5a9c5d9ecb135afb85fc1a162f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9ead60188b7765764271169544188f8fd34e29c950417b6ac4e0a9715c81f1
bd55e4badcdc57f555d77a4c1ec0f7bf553397b6200b8e12ab5cba601c9bc320
be664306bd684ae0e740cd85474ec4196c52ae3f17ec9276ca8364003f6d6cdf
c0b291db73ba6e09f26f9d66d6eb780815ec6cb50c5ae50e4fbfe5bfa54f8dea
c0f02758d314af676dbde8473e963dc8b8088e695f92e8e02cf5563f4bc80cc1
c14771fa67fb1b56cffec66d648e3f70897fffb7fffb86915bd0cb32c191f6fb
c18ead6052b1821a35ef8f730679882af10c4295af27f4cb433e03b267bcbdf0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c402dac34a2ddb65a30763afd1e50c65ccd82117b61a773f2512bc6e2dace631
c42107e2006748e9fbc0364aabe021e6cc1116c6f3c560d961540c867ba8f8bf
c42b50789ee613acb6fa2dea19e101a830a9c5c3697a8ded7d2e1cf11f790002
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c78d0e406dc1a48d92adc76ffef89f5bf019c65f5b48de67320a25d8cafd6ca6
c8b8b8f0e47dea298e1b1006c1aaa1fed755aaa5519925182494cb3776405490
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca75b50f3af4ac3766b5a121f506782595a346caad6023436ccb68dde7b56897
cbd669a7e65b9316db3b68584e8908ede860be590c9e9ae52042415173d7a869
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf49bcce1a47f995f14194cd2010b15e628fe45bc70af25a2e28b76d03418868
cfa58e7051d4ff0467a2324fd3bb9d98ab55fdc6c00e6a9bf7bfdd63290ab12c
cfcbd286ed4c1816bb42784287122cca187412452359bb56cda1e8120e02adcc
d05600f74535cbc2130209c0e3ef691ee3e2a72bb76aff884328f057aa0e5260
d2c73e2c1c22137543a803622f22245a9a763b1134ee2d4ba084720ac44b28d2
d2c75f775f72347fa69ca6d9f8c8594e44c9092277f095913d00916a80cd3a2b
d52ab65b92d5ec616358b8a10ec7f6b49375a3bac3092ef6e37eaa2c31210012
d6232605f22072fbbf84e563cdbc237ce1749de1eb470c38912cbaeab09b32f9
dc809b23f29203c129a69f4562e57011cfe247cb01b8133e8168187964a5b2fb
de9b62b760530dc781e3103ddf5a09364428ee54977ca1bf4d5eb072bd3f0759
def610dcfcfb2f364d5b90c32bf285b70f0291c04fd106b1a1ef330cc732e175
e033a347af868f597c7e12a12a5f4d1d543af72c3fa8a1d2ea95e893b672ff3e
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2402aec976949125b1b857deaf2b92012c2dafe84072802b57b0b3d271c17e7
e286c2fb9da74360de127c0143bfa018f6b110b18e699151656752dc7acb95c1
e3281c56225b0ee167aa10f945162d5c5959fc64ab8bdc0021c08a5816ef6f68
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e34667136f6cb7821e9e082dccbd0d64b6e16dba47ce1fccbcad99675f405285
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42d23adeab3ab7c6780676cee144e7d6f480dd35afa9831378350fea8a59de7
e42d362386dbc519c8ab9d033c98d0df5c047ef1070d97fb49ed65ca6d7360f2
e4aa98fac565d97669f3e22a887044aa3288775263144509865653fbe6233d2b
e5f15be8ce6e7151f75650c60f911022bf5208f80a776391dd99a0789d1c3fae
e61c4e6329cd556c29d06b734619e457a543cfe363501bb52f0c55c10eb5a0c5
e645c935175124a5066d1c4124a6ef7ca02a3e000d37516ec3919586487fa0d5
e720e3a72e34dac73187012258589e6a00b7825aee443d90fd622e2db55c3dc6
e759dccba5bc383814ab190daba0d12ef591ad9f161502a47222c2eacf770606
e80d714480a795617992d733d0678e5ad5025f8852b35d20a402a78fce4ccaf8
e858dc102d86f45bb54d1157e73c05f8e7a49b5f17b58fdf57e23d65d8518593
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8addf983432df71ff2c184d64aea3981cd9de6ad3785ee06d35aed20a4b9008
e94f86b4cc1e641c6c22e7936800564eca84851d58fe705941afabd6839976a7
e993b177afce4a176c553c69fca93de7dd6bca23cb760e89bd5cda597d7453f5
e9d648da3f5b522a792fc73dee36fb3b39429fadbb4438151eafb3fa2741469b
eb0b6031197e98d29e637f9ec4c10df2d80bc519c46cb3a3e333a075a3aad09a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec2799d7c25cbe580baf949601bc59cedf304dcb03772e02fbb6f51080b150a0
ecc202b00f49fafa7ec56029d611e265a7bb1ee5c1f71b5c6c5acd6bde84c55a
ed385b8cd20466568e23146465e67ac9f063112263b85616c696ca40cd8c18ce
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef29b9f9460612eadb83cd3200a11b5758da32758d749a41b03bb1063dbf4148
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
ef8f85ca64ad49a9f3c182fbf277c4d3b8bba59c41f3e44e3a00107db922744d
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f04615fb629cd0769b557dee25962c2811531e256aaebc6f8b0a24c79dc24dc2
f2feeb7a717ed3d7e85aedc3cd2ea106d672bc7bd80a7df415c44abd2ea50802
f45cbaccf65a542ede497e536ee4c8ca0219a6ad2b931b5bde3ff307507a7abb
f58fb4bb88b3915de9beb9c279f83e8dddb03ea0f2cfb3294abb73f72f1d2fb6
f5f6dd995b5c22a09551b4ba55537832240ca183b355e0333e03d584833e660d
f632e41218d1ebf02c3ba43344a40e135313adfc7ab5f75f74aa84b6fa2f3708
f66a6055826b5709194452448c4d99ccea7ec23d013a7c1537e0d38cdd26f831
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f9d5abb40e72708dec5691e0588cb2cd205e080b3fe490bc2432b068309d0bb5
fac6996dd2267a402f0484adca75de4c96fd4d35b6f499b6698466ed99451d74
fad9663a8a15a1f342f446d1c54ced0e9dbbd6767b14201d9a0199a9a49ac19b
fb3729d41df720c76e0a8948d6573e0a4b0ce5d5b543ef051d71ddcb64719fce
fc72d3ac6f312cdcb2b1381fb536e0f1be84650b6b681b9cc35a80c7b3ae0adb
fd32bd6c0095ddf2ab3ea5aeb96e3c6f107946d7ed33dc8a3992d9cd5085f0f3
fd354a1fc5f64b1c93f0e04e91f0d66ffbfe3e0fd9f7fb537a5a72830049bc9b
fe2dcc28b9167690e20e91bb452cf5e5de66fce0c3fcf97dcaa671094023ea21
ff5d1a24c075eabe4b1ee31825e2f76b6c55aac8abecdde21f5a4567189cf70d