twdown.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://twdown.net/
Submission: On April 27 via manual (April 27th 2023, 8:24:03 am UTC) from IE — Scanned from NL

Summary HTTP 136 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 136 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is twdown.net. The Cisco Umbrella rank of the primary domain is 865392.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2022. Valid for: a year.

This is the only time twdown.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 32	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4 9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:19::9	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.120.144.155 3.120.144.155	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
136	28

12 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

twdown.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:19::9 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r4---sn-aigl6nzk.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.144.155 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-144-155.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	602 KB
28	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	206 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com	376 KB
12	twdown.net twdown.net — Cisco Umbrella Rank: 865392	156 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	291 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	3 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1341 r.turn.com	869 B
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 4003 r4---sn-aigl6nzk.gvt1.com — Cisco Umbrella Rank: 798999	1 MB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 11490	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1886	351 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2823	173 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1223	713 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	873 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1063	463 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	10 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	603 B
136	21

	Domain	Requested by
32	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net twdown.net tpc.googlesyndication.com pagead2.googlesyndication.com
19	pagead2.googlesyndication.com	twdown.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net twdown.net
12	twdown.net	twdown.net
9	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net twdown.net
9	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	twdown.net googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net twdown.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	x.bidswitch.net	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	googleads4.g.doubleclick.net	twdown.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
2	www.google-analytics.com	twdown.net www.google-analytics.com
1	rtb.openx.net	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	r4---sn-aigl6nzk.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	s0.2mdn.net	twdown.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
136	33

This site contains links to these domains. Also see Links.

Domain
fdown.net
fbdown.net

Subject Issuer	Validity	Valid
twdown.net Cloudflare Inc ECC CA-3	`2022-06-29` - `2023-06-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://twdown.net/
Frame ID: AC580F9CA29B3FE7F13F7AE121E8C898
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/zrt_lookup.html
Frame ID: 2DA7A2067DB6989BCFA84A709015E6E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=90&slotname=3333461467&adk=1530463091&adf=910641620&pi=t.ma~as.3333461467&w=730&fwrn=4&fwrnh=100&lmt=1682583838&rafmt=2&format=730x90&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583838724&bpp=6&bdt=357&idt=194&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&correlator=7335199391172&frm=20&pv=2&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFyNpAQrqG&p=https%3A//twdown.net&dtd=219
Frame ID: 8A49F4D1EC33FF21648F18EB957AA574
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&adk=1812271804&adf=3025194257&lmt=1682583838&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Ftwdown.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583838746&bpp=2&bdt=379&idt=209&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x90&nras=1&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=225
Frame ID: 5C537B315AC0C0A85340A1B26DD2B1D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3CD8A779A5069D07E27C6851D969CE63
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&adk=601698387&adf=1516740158&pi=t.aa~a.4090970218~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1682583839&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8051441020&ad_type=text_image&format=1140x280&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583839976&bpp=1&bdt=1609&idt=1&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0&nras=2&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8uxNgrfsS9&p=https%3A//twdown.net&dtd=12
Frame ID: F449DAE558569F3180238E8668667F01
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=90&adk=3873505507&adf=1959862982&pi=t.aa~a.3711612684~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1682583840&rafmt=1&to=qs&pwprc=8051441020&format=1140x90&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583840008&bpp=1&bdt=1641&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0%2C1140x280&nras=3&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1716&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ziZyWxHOGj&p=https%3A//twdown.net&dtd=85
Frame ID: 35168879139B0FF1507D46616189F8F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=90&adk=3873505507&adf=4143069308&pi=t.aa~a.3711612684~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1682583840&rafmt=1&to=qs&pwprc=8051441020&format=1140x90&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583840008&bpp=1&bdt=1642&idt=1&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0%2C1140x280%2C1140x90&nras=4&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=L6wJnWv7Sx&p=https%3A//twdown.net&dtd=157
Frame ID: E141F0BB63E20013DEE1EBFF558DC283
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Frame ID: C987F080FE0E8BD96D6BBBB02C58A720
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Frame ID: 403570B0DBB7F3D36910411A0BDB49F9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Frame ID: 56A5238422FB06A15728AE37F23691F9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Frame ID: B153A2F849448026FE9D0409D2863D65
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBC6zZbUAxjC-Z3hATAB&v=APEucNV2F_H9jx6QxdLJV8_TvtMQ-vcdZ3ZU3Wn7SiFW-liHuk7fjCEtGi28VSb9nGhcxuHZWMSlcy_sjiDGbs1ek-B96xisJpm8mWmOOIs6SHxAofyGZFGABPwloJPus9zvc1L454RfNN9xOZCqZJpahmk5MJfggFxx7FsWHFR3xWvEEGrMbSE
Frame ID: 8BD4367774A51E9ED096571CF4610D3A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js
Frame ID: 27561D0D09C1FB533C1CF8434C5CFA9D
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 08F9160E0110AB95C34F9CB6CD5CBDD2
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EA0068F55DAEAD7791DABB6B8B949060
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: D4756611F1186522A3CF63FD08CD2DE2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: B91DBFF4FEAC16A422D2427DED323DD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 68AD9AE30593A28733FB41CE477B44C8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: F198EE0A4C8D8CE7BC053635E9379C9A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31BED44DF0F97EFC6B5E816D3C1B4A7D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 4F7706F1BA2BB639B574B4A10053DF4F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js
Frame ID: 223D2F58465F87AA958B077DD190C494
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC922888B43DCCD362DDC2897B6A0E73
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 907EF7FD87E9A82C7711447D8571DDF1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Twitter Video Downloader Online - Download Twitter Videos

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

92 %
HTTPS

68 %
IPv6

21
Domains

33
Subdomains

28
IPs

5
Countries

3051 kB
Transfer

5536 kB
Size

23
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://fdown.net/
Title: Facebook Downloader

Search URL Search Domain Scan URL

URL: http://fbdown.net/
Title: Facebook Video Downloader

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiGpGcK5IVV3usqkpxSIyg&google_cver=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEoxIJyrZj133SeRYf8JJwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiGpGcK5IVV3usqkpxSIyg&google_cver=1

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHeVkaIHeXk8qq2-83my24o&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHeVkaIHeXk8qq2-83my24o%26google_cver%3D1

Request Chain 87

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMjg1NzQ4MTIwODY2NTM1OA%3D%3D

Request Chain 105

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqu42gEQkAEYkAEyCCjCB-EB92Hx HTTP 301
https://tpc.googlesyndication.com/simgad/6750730227827852970

Request Chain 106

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqvVjwEQrAIYrAIyCJNbEGjevPdx HTTP 301
https://tpc.googlesyndication.com/simgad/17534842168602648219

Request Chain 109

https://redirector.gvt1.com/videoplayback?id=68b59c4a9442517b&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1682591040&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=845FC4A563C1557F89B519272FF73336F9D4B42F.83E6C99EED4017C6340CEA70CC4A2D519D6CAAC8&key=ck2 HTTP 302
https://r4---sn-aigl6nzk.gvt1.com/videoplayback?id=68b59c4a9442517b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1682591040&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=139C1554F775A74EDFACAF5F6F32CB470044B298.62170BBC5DB73A89688A6297C24AB0BCE4D84295&key=cms1&cms_redirect=yes&mh=RH&mip=2001:1af8:4020:a034:1000::8&mm=28&mn=sn-aigl6nzk&ms=nvh&mt=1682582973&mv=u&mvi=4&pl=43

Request Chain 117

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKz_AiZ_NmHCtTmzJwnX-8Q&google_cver=1&google_push=ATf1kGMLLWSV16FImyCNQdTeI7YABODJktRG-sEbAvdoQo5pDlDCPJDr5w5ARH_m_FEiX6G3og2P6_kQzxVgn3fa5pnS5XHquD3x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODMyMTgzMzU4ODUwMDg2OTk4OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKz_AiZ_NmHCtTmzJwnX-8Q&google_cver=1

Request Chain 119

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJr3YNgoJWX4NFhiOkbXjk0&google_cver=1&google_push=ATf1kGPvDcdEa_LvK2Ge7nU3pYd6JoQ7x2r15CpkvBpTEyuEywI4k1DOHEpqC0yP_b3H8phKzWJc9G0tzC-3tM-0tnrBeBzHaNGT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPvDcdEa_LvK2Ge7nU3pYd6JoQ7x2r15CpkvBpTEyuEywI4k1DOHEpqC0yP_b3H8phKzWJc9G0tzC-3tM-0tnrBeBzHaNGT

Request Chain 120

https://um.simpli.fi/gp_match?google_gid=CAESELgJ4s5Dsf4ohvM_-7xQr18&google_cver=1&google_push=ATf1kGNrKwmJI6YEieedtHBpTAWV10a7zGUdPZjI5vLHn3GWsfqoYD7NGmj5q4znFJgtdJrUtfakJlgVORdKG5MJDU3cMVp-_Tpn-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A1C12DA6696940748087E0B79B9A16D4&google_push=ATf1kGNrKwmJI6YEieedtHBpTAWV10a7zGUdPZjI5vLHn3GWsfqoYD7NGmj5q4znFJgtdJrUtfakJlgVORdKG5MJDU3cMVp-_Tpn-w

Request Chain 122

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDC3yQRXSKiOuFLl2Ow3XOE&google_cver=1&google_push=ATf1kGPh4hq8H-zx6-V3iXtAl9rlD_e7aU9pUNxbCITggfUsl8m-ST0LWR2NTKP10kirORzMBsWPilbeCkGF0EaKqIhs7yISdI020g HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDC3yQRXSKiOuFLl2Ow3XOE&google_cver=1&google_push=ATf1kGPh4hq8H-zx6-V3iXtAl9rlD_e7aU9pUNxbCITggfUsl8m-ST0LWR2NTKP10kirORzMBsWPilbeCkGF0EaKqIhs7yISdI020g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPh4hq8H-zx6-V3iXtAl9rlD_e7aU9pUNxbCITggfUsl8m-ST0LWR2NTKP10kirORzMBsWPilbeCkGF0EaKqIhs7yISdI020g&google_hm=hrFHI6z4Qz6D9JRJ3Hc9pA==

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

136 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
twdown.net/ 10 KB
3 KB 317ms
277ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twdown.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d37594ef5d6374d399b328db38c048b66b994281eb918e6482df1a00b429e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7be5aa9c1d770bb6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Apr 2023 08:23:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eN6C3f%2FZdFitfYGpJQ%2FiAp9trdwaOs9BgrakSfKCNrFSH0xXLJtd%2Bx962AUztA1U1dC%2FKRQRgKWRtLP3S74J0WiljFi0ugsKFWuSnNLk1tUhP%2Becpih3IvTg9aQTkKwIM%2BpJKGsOnQC5"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
twdown.net/css/ 117 KB
21 KB 24ms
23ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twdown.net/css/bootstrap.min.css
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffdc9450b1cf86a9b3d5c99ba6324d80039818f85360f5eda5d42f2d3d9eebeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Apr 2018 23:38:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5992
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClUbBH5kv%2F%2FiDywskwX9xnbI574peAUkDKU6ltQ2%2Bys%2F0CLjOnJmR2%2BK7qYSpBduU2gXKWp%2Bqaemzp2yDRMAp1SQjMRM6RfMzlY9mzxIrEQ7UCdShF4zCjU3P4y1td2uOpRK%2BgH%2FoI7D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7be5aa9ddf6f0bb6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
twdown.net/css/ 2 KB
1 KB 21ms
20ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twdown.net/css/style.css
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199de76cc4b8c6d0b8c9fa75653999071f17e025dd7f25cc6bf3893f8317b9b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 Mar 2019 17:00:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5992
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebNJAKEy5IK7npsC2t%2Bwxx1C3v3NGqyyHvOp7%2BG8GJCbjIM6SyGA517vcvkdFfHg7VNhUuaRt5HVNwx72lUkkpUN431ZoOiaTJXjwC6PWwymAfbdm4HwZEsYSeGDPznMT%2FNdddFBatBA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7be5aa9ddf6e0bb6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
twdown.net/js/ 81 KB
30 KB 26ms
25ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twdown.net/js/jquery.min.js
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b96845c0eccb0e864e606db06ff08da281117359d9947310de93bcd52038a74e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Jan 2016 17:43:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5992
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTL4yiHqO5fuRuKjsqn2YbCjJCcdc7ErEdeD2NAw5%2BQ07x5YWOSYoIKur%2FWo4NZmRoOeJuS5IJnfh710ScPUfzh8GMrkS48JPVIXY5LMcw0jcgc5AgWHOmxy%2FV01Tl0oys2Pf0WpnYgY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7be5aa9ddf710bb6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.js Show response
twdown.net/js/ 27 KB
8 KB 23ms
22ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twdown.net/js/bootstrap.min.js
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Jan 2016 17:43:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5992
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9m9Tt643K6YrInNBCHeApOO5mpkqRyp3vTmLtNmzZUdIdAtKEQ1oWT8ILaRXhYu9jxs1nF91Ui7tSFrB2JU2pfFopraHZiv6Mj3GqbIhBfA14xhQr2oBPQKv32pPl5wKQxRcMtX5s9L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7be5aa9ddf730bb6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 scripts.js Show response
twdown.net/js/ 0
306 B 21ms
21ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twdown.net/js/scripts.js
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Jan 2016 17:43:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5992
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEiEPsuPaWzumeagrx2utqTA2SspVftcXP5Ge%2FI%2FSkxo3o3sT%2BQsvewsQpdASk9CKAzfOoROE3BCIdU5GkLXUhh%2BUkczuUQSAW7vXDDjA6BsgNeWUI56x1iOe%2FfbaY0p2gOmAkDhIqSO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be5aa9ddf740bb6-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 twdown.net.png
twdown.net/img/ 26 KB
26 KB 20ms
20ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twdown.net/img/twdown.net.png
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e41e3b9bcaf35df3fe050d6149b58d1a8f20d174d33fe63546b19ac10ccc95f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 19:02:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5342
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1uKnUGHuWqvbiIFjHfMnMhicQuNJMAaoFWD6F341gy8wWWObZ5imWBAznb04xQJ483MoBcAsHzln9qXT6cvQmTLzLXfsrZgUQskMS5ti3A5TGG0CLy0v0WkUTFrvrDl981%2Fg8t8sQZn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be5aa9e0a280e81-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26274

GET
H3 200 twitter-video-downloader-online.png
twdown.net/img/ 32 KB
33 KB 19ms
19ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twdown.net/img/twitter-video-downloader-online.png
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b559efedf8737c9f893fac2154fcf1223f5a2776b544cc274c6cd81752c83325

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 18:58:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5342
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V%2B0E%2F4fdQmdtdk%2BwoOkvUni96h8EqlxaP8QQ3UQVO6nlzDGQZYETEDte4VGpyunnqMrOjB7LPkjGluHcSshvyv1xBP84GSbhJSUSgjsSddLDwZpZ7sZCnmLy2EKu%2F6TzGUnT8QqdSRE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be5aa9e3a650e81-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33235

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 203ms
152ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4959bb4b0d2e0d272cce7d3b768f32c93f3362d47b51751ec64540aeb0e01526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47221
x-xss-protection: 0
server: cafe
etag: 15040742779377749578
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:23:58 GMT

GET
H3 200 download-twitter-videos.png
twdown.net/img/ 4 KB
4 KB 20ms
20ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twdown.net/img/download-twitter-videos.png
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d17032b119ba67ed596d20845b809e9a0ffd10f0dd158b56f892a7993db0139c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Apr 2018 23:36:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 853
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip54oJQNbEKUJkrOO5FDBexNLqCq%2B8XVJiw5j%2FORKIsObFbca9KjYgHFRuAKTi%2BRMb7QVVNC1NgvqlitTF4N8eUxUwiBNlpN3MKEMHhzhFtfl2D3BIdL11lma9ahSB2Vg8LOz1Zitl%2Br"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be5aa9e8ac00e81-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4071

GET
H3 200 twitter-video-converter.png
twdown.net/img/ 8 KB
8 KB 20ms
20ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twdown.net/img/twitter-video-converter.png
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e1278c804aea9c18fd2e82c80c1dbf7156d3e6b8f09aa6047fabf986f32a66c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Apr 2018 23:36:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 852
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Y7P2IVl8cr8FP0bNjX%2Bt7vEthp6c7GXFpThrJS8mpiMEcoa6dEom1k%2Fnqff5x9zMS9NSEnZEi1%2Bjn1FLkVPdcyt4QmNfh%2BXARD8Vqyi9QDIr5N3cxXugdTE5mM6Jo0kx%2FGaSLRTtM1o"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be5aa9e9ad00e81-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7771

GET
H3 200 twitter-to-mp3-converter-online.png
twdown.net/img/ 4 KB
4 KB 21ms
20ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twdown.net/img/twitter-to-mp3-converter-online.png
Requested by: Host: twdown.net
URL: https://twdown.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d60ad46be856b389b813d757e995daf07fc96a2238a37088bfb7ff058b1b2fe0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Apr 2018 23:36:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1291
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83DZf5BjdFslZs6ps8asyO3rpebo1OfPeoTrMiEaueuK8UJI4viua2DeQ5elll4kq5JkXx5%2FE44LGEXGwxsdaSv%2FltmXoGq8aN3AtEdjE8wbGf6rvTbKpao3bAoY9dBxrqxv51AMLdYq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be5aa9e9ad10e81-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3707

GET
H2 200 css
fonts.googleapis.com/ 3 KB
898 B 83ms
35ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:400,500,700

Requested by

Host: twdown.net
URL: https://twdown.net/css/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0147b56790c6083ed251188b1f7bd1a026b4accecb54019a35d1b6c42b76ab87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 08:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 08:00:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 08:23:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 101ms
31ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Apr 2023 06:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6494
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 27 Apr 2023 08:35:44 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v30/ 25 KB
26 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://twdown.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 541115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25672
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H3 200 glyphicons-halflings-regular.woff2
twdown.net/fonts/ 18 KB
18 KB 21ms
21ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twdown.net/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: twdown.net
URL: https://twdown.net/css/bootstrap.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://twdown.net/css/bootstrap.min.css
Origin: https://twdown.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Jan 2016 17:43:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5761
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nESBzSpG73Y3G2ijahS1yASskMCHDvtz%2BPfaa8t%2BQaoiFl7I92vNBqs4FhsQBBKZzMvuG1YOQ2G8Zo%2F%2FDZ8Aexdr79k7H0AUI215lEjOfNAVkZmG2VluY3DvEe3e9K8VHYMqirYP4KXk"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7be5aa9e9adb0e81-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
204 B 38ms
38ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=572853684&t=pageview&_s=1&dl=https%3A%2F%2Ftwdown.net%2F&ul=en-us&de=UTF-8&dt=Twitter%20Video%20Downloader%20Online%20-%20Download%20Twitter%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1599697299&gjid=545854652&cid=1337216479.1682583839&tid=UA-89665192-1&_gid=878724353.1682583839&_r=1&_slc=1&z=396883701

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://twdown.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:23:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://twdown.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/ 354 KB
119 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9232253514792453&plah=twdown.net&bust=31074130

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9130219613b5666c0dfd666925ca7660f955c35180f4a92798323421773662dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121859
x-xss-protection: 0
server: cafe
etag: 10669500106576507602
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:23:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/ Frame 2DA7 10 KB
5 KB 85ms
34ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 47654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 19:09:44 GMT
etag: 2378337311435320485
expires: Wed, 10 May 2023 19:09:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 99ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=twdown.net&callback=_gfp_s_&client=ca-pub-9232253514792453

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9232253514792453&plah=twdown.net&bust=31074130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb3ec02ec3d192d5c2d080d8e5c09a7386ca5aafe94c49928362e5389b61c3dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 95ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=twdown.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 114ms
51ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=twdown.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A49 97 KB
33 KB 725ms
724ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=90&slotname=3333461467&adk=1530463091&adf=910641620&pi=t.ma~as.3333461467&w=730&fwrn=4&fwrnh=100&lmt=1682583838&rafmt=2&format=730x90&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583838724&bpp=6&bdt=357&idt=194&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&correlator=7335199391172&frm=20&pv=2&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFyNpAQrqG&p=https%3A//twdown.net&dtd=219

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f73e848b24ad40c15afaf69b53807860a288705b8ebbbbc42479c3361eeb4948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33139
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:23:59 GMT
expires: Thu, 27 Apr 2023 08:23:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C53 527 KB
111 KB 861ms
860ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&adk=1812271804&adf=3025194257&lmt=1682583838&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Ftwdown.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583838746&bpp=2&bdt=379&idt=209&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x90&nras=1&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=225

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee011146ed8f069603ac7e245b304b39c02a0cd0ca8cf17063ca021bb64b78e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 113697
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:23:59 GMT
expires: Thu, 27 Apr 2023 08:23:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 8A49 9 KB
1017 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=90&slotname=3333461467&adk=1530463091&adf=910641620&pi=t.ma~as.3333461467&w=730&fwrn=4&fwrnh=100&lmt=1682583838&rafmt=2&format=730x90&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583838724&bpp=6&bdt=357&idt=194&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&correlator=7335199391172&frm=20&pv=2&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFyNpAQrqG&p=https%3A//twdown.net&dtd=219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 08:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 07:10:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 08:23:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 8A49 2 KB
846 B 79ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A49 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5fCvHzFKZJoQy6tiz8GH2A6RjbD9b7rxkY-1EabxhuOgAhABIK3tuiBguwagAbfstNQDyAEBqQJMNW9L_IeyPqgDAcgDwwSqBMQBT9Aw3ZNncjl-bmkHijYSg4sZWmy3m1-eY77Tx4GX9168bJI2a0YHtc24pIUxEjzpt1RKwKw69Oe_ED3Vz0_ddQ56cSsu-Va7UETrXKL_Q3PazvY96irZCoEDlahOluLU9WWijDdbi-7E_fl4it5853ejcj4cV_IhVbfWHHHoc0NSFCAyPe-jkv3Wdw1EMjpT8oXA3FkjzNG8Jd_1hLTBhBHkKKT6k-YbimWjTxPfVxtru0R-T_VX_AbP-rdXWRZqjc-qsMAExuyfoawEkgUECAQYAZIFBAgFGASgBmaAB7GTyyuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCuixDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi05MjMyMjUzNTE0NzkyNDUzGAA&sigh=9Fj4W3mzYDM&uach_m=[UACH]&cid=CAQSGwBygQiD3zc3ivOKcVQnqoD9XdZmMoi-gx_7ixgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=90&slotname=3333461467&adk=1530463091&adf=910641620&pi=t.ma~as.3333461467&w=730&fwrn=4&fwrnh=100&lmt=1682583838&rafmt=2&format=730x90&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583838724&bpp=6&bdt=357&idt=194&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&correlator=7335199391172&frm=20&pv=2&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFyNpAQrqG&p=https%3A//twdown.net&dtd=219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Apr 2023 08:23:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Apr 2023 08:23:59 GMT

GET
DATA 200
OK truncated
/ Frame 8A49 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 8A49 22 KB
9 KB 50ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 8A49 3 KB
1 KB 56ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 8A49 19 KB
8 KB 52ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A49 158 KB
49 KB 100ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:23:59 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 8A49 32 KB
14 KB 83ms
31ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:22:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3CD8 143 B
166 B 32ms
32ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=90&slotname=3333461467&adk=1530463091&adf=910641620&pi=t.ma~as.3333461467&w=730&fwrn=4&fwrnh=100&lmt=1682583838&rafmt=2&format=730x90&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583838724&bpp=6&bdt=357&idt=194&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&correlator=7335199391172&frm=20&pv=2&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QFyNpAQrqG&p=https%3A//twdown.net&dtd=219
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:21:45 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8A49 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 507018dfa6adae155c6ed3be0bc7611c32354fa700cd248d684eb75c05ae8bf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3CD8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

746ms
744ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:24:00 GMT
expires: Thu, 27 Apr 2023 08:24:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:23:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 8A49 29 KB
29 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 381449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:26:30 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/ 148 KB
50 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304240101/reactive_library_fy2021.js?bust=31074130

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c744b6a692586443ba57d0995e802e2109827210794b8289d73c87948af1b658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51503
x-xss-protection: 0
server: cafe
etag: 2047888336797534393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:23:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 34ms
32ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=twdown.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=twdown.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F449 127 KB
37 KB 366ms
366ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&adk=601698387&adf=1516740158&pi=t.aa~a.4090970218~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1682583839&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8051441020&ad_type=text_image&format=1140x280&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583839976&bpp=1&bdt=1609&idt=1&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0&nras=2&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8uxNgrfsS9&p=https%3A//twdown.net&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21bbccffa9c81627f7a805c8fd84ec651d3423583223681e2b2c0b656448f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 37939
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:24:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3516 436 B
231 B 191ms
187ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=90&adk=3873505507&adf=1959862982&pi=t.aa~a.3711612684~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1682583840&rafmt=1&to=qs&pwprc=8051441020&format=1140x90&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583840008&bpp=1&bdt=1641&idt=-M&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0%2C1140x280&nras=3&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1716&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ziZyWxHOGj&p=https%3A//twdown.net&dtd=85

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23ba1ac03f76f147ad507064e11ce89134a35d487fd3fa5779a073e5391c7fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:24:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E141 436 B
232 B 216ms
212ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=90&adk=3873505507&adf=4143069308&pi=t.aa~a.3711612684~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1682583840&rafmt=1&to=qs&pwprc=8051441020&format=1140x90&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583840008&bpp=1&bdt=1642&idt=1&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0%2C1140x280%2C1140x90&nras=4&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2077&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=L6wJnWv7Sx&p=https%3A//twdown.net&dtd=157

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90b901db36969bd9faa75d66394b4e468a7a82a142545e76be0e46658e367bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:24:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/ Frame C987 10 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 18:39:38 GMT
etag: 2378337311435320485
expires: Wed, 10 May 2023 18:39:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/ Frame 4035 10 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 18:39:38 GMT
etag: 2378337311435320485
expires: Wed, 10 May 2023 18:39:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/ Frame 56A5 10 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 18:39:38 GMT
etag: 2378337311435320485
expires: Wed, 10 May 2023 18:39:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/ Frame B153 10 KB
4 KB 34ms
32ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 49462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 18:39:38 GMT
etag: 2378337311435320485
expires: Wed, 10 May 2023 18:39:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame C987 5 KB
659 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 07:46:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C987 205 B
294 B 41ms
37ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 07:46:11 GMT
x-content-type-options: nosniff
age: 2269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 26 Apr 2024 07:46:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C987 604 B
918 B 36ms
32ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 06:27:13 GMT
x-content-type-options: nosniff
age: 7007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 26 Apr 2024 06:27:13 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/ Frame C987 19 KB
8 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8031
x-xss-protection: 0
server: cafe
etag: 4566461469134147509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4035 2 KB
556 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

564769d95ea349e3a6a0ab89ae661e3ed164e32fe2f845122acbed9f4862d3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 07:16:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 4035 2 KB
804 B 29ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 4035 22 KB
9 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 4035 3 KB
1 KB 39ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 4035 19 KB
8 KB 34ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4035 158 KB
49 KB 62ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 4035 32 KB
13 KB 42ms
34ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:22:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 56A5 2 KB
556 B 48ms
44ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

564769d95ea349e3a6a0ab89ae661e3ed164e32fe2f845122acbed9f4862d3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 07:24:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 56A5 2 KB
799 B 58ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 56A5 22 KB
9 KB 57ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 56A5 3 KB
1 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 56A5 19 KB
8 KB 59ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 56A5 158 KB
48 KB 84ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 56A5 32 KB
13 KB 66ms
33ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:22:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:51 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8BD4 624 B
245 B 113ms
109ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBC6zZbUAxjC-Z3hATAB&v=APEucNV2F_H9jx6QxdLJV8_TvtMQ-vcdZ3ZU3Wn7SiFW-liHuk7fjCEtGi28VSb9nGhcxuHZWMSlcy_sjiDGbs1ek-B96xisJpm8mWmOOIs6SHxAofyGZFGABPwloJPus9zvc1L454RfNN9xOZCqZJpahmk5MJfggFxx7FsWHFR3xWvEEGrMbSE

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:24:00 GMT
expires: Thu, 27 Apr 2023 08:24:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 2756 22 KB
9 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 01:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 01:17:14 GMT

GET
H2 200 5935590465894497926
s0.2mdn.net/simgad/ Frame 2756 10 KB
10 KB 164ms
26ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5935590465894497926

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5937ffa71a83ee3c8cafe7646d41e6cce59c39f08564ae676b839d9443ffe752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:03:48 GMT
x-content-type-options: nosniff
age: 393612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10057
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 18:05:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 19:03:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/ Frame 2756 7 KB
3 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230424/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 01:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3047
x-xss-protection: 0
server: cafe
etag: 5552017188384030315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 01:17:14 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2756 0
0 199ms
66ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHa-h31YDav_ZrvHbVZM4JkFE_hfUZSQKqrbAEbQekHsFM2eTY5qtojhpu6Vt0pGnocV_O61ykMBmpBggNNzwScgkfl5FDbdUfCggZkKh0CGWBOwTayNBnxInVdTTiphB2HHJKoNsvvhd8v47Hshe-F128pQOew_Y59XAEntJ7HhISiuUl1xy3K0B5WA20B7gYmQSVZFwwpaoHD2v6dZS_3VQt4xrtqDycSF3SXky0sC7xxHkhBKMzHnH4mNwNAH-3XNcniu1MADpiFok9hx3SrJOzWABKy9Cz2s_FlNofQyL145_YgWNZgH67XrEz8wfQETNcjOFPDis9mtvPNo-I4KhxzTuCMXqJ4jGhHwoc4PDGvuNmrd79v0R4UyuuAJJuO0WuXxextirsQC73rL9PH0jU6d9XejADqoeXxh6WgGSlV9GqTHJio4ChWxqIOnXDiOtb_yuV4ZuEYfzl077A2k8o9w_aA-vYO7oKcYThVLMFxv0gaJBFJk6HB1-_k_l-Ou7GHOrJRJ56F5q2gQOCgMs0tFrLcEPyv2TPIRUqdJzhFKkUl1h6CdqmSJAKrRxRQSX3qwtgjV4FXesXN5tWS70FDQV0GOhcg17cugz8Q2dLVBAW5gDszPn6KtnrjAYRwdySAUHjH94GauZtgD6XVii3WeJEsWpgLxk3kiK4Ed3-icukMb2uhkUUUzI4IM8c0Sp3dn0io3yfejqzjlB9kG_Fl5liMjsON_vrJ-nXxZ81to4Eq7JP2pproICOywSy99Mj4XcSmf_QH5eF8x2heh-eTCEkTgxnktr_qQ-AuD_VdXQmB-k0yj9d9s6NnwTRbqYa-RT3fxfo2EiQmob5xA-hPD5CXUc8ppxzeQrT0QLAdoe_RkfXMGZ5n_cem8wHeHwVqsf1YUQrWYhDmooJQR9tJfl0AMxiOfiVTh3umqo3wNe__9MsWXdhKKgjaUPnwdqXEvWREFzn_xpbs4zHUF0FvygVzJFYSZP8ek8eqMrSkAD7Lh6dQJuz970Eqrn0Nrdg-VL87tlTvvPX8LAStUui-Qu-4IbFlWD-T3GsHOoDH5NGD6i150KPnHuC9aSYoc_5Fz9AbvRtfuwrG0qA5DddzeMROo_87LoYfCezr8XlZ4vLxL2eodyLEseOUg&sai=AMfl-YRJ-KbH1nXtP8WEfL-ErK3SFWhGe7A98k7M0V79CJCu-LBle8uf1uYdlWSH7ArRh9FMaOzpWZwryqsdM0BgEK5XqAkG6yZm4Xt_gVz13Yx9CqGXDjlJA3O9w8pV1gED3dQlmq_rLjPw0WOTaL1NVjLmON65juOTXs6reoev21IscRhWLXf83fIugx7mSWUHzCc1wBegEo3khlg1uV7Xxqv-Y523U_w7WJfEpokwjD0&sig=Cg0ArKJSzAKqDBXlan0zEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230424.31678&arae=0&ftch=1&adurl=

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Apr 2023 08:24:00 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2756 41 KB
15 KB 37ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 19:45:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 2756 3 KB
1 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 2756 19 KB
8 KB 37ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2756 158 KB
48 KB 87ms
74ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2756 42 B
63 B 107ms
95ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwCbAyHiJZvr3EaWrxhLRbuhTy2rsh_XA-aVTeNepQLsdgjA6ybRxze4T7RCjt7NluN9FllpSDXE0vVD0upUvjFIEkV-pSBxgG3zlwmr4gLUykyzA

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 8e3adedd6f76ceb5825dd9d6f211c14b.js Show response
www.gstatic.com/mysidia/ Frame F449 9 KB
4 KB 70ms
66ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&adk=601698387&adf=1516740158&pi=t.aa~a.4090970218~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1682583839&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8051441020&ad_type=text_image&format=1140x280&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583839976&bpp=1&bdt=1609&idt=1&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0&nras=2&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8uxNgrfsS9&p=https%3A//twdown.net&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3832
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:22:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:48 GMT

GET
H3 200 db4a31dc6e5c5eb771686aac7146e6f6.js Show response
www.gstatic.com/mysidia/ Frame F449 148 KB
55 KB 73ms
69ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db4a31dc6e5c5eb771686aac7146e6f6.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca2f4f66b334aea047b896927230ba6ba7d0aa4d4a5164bb6d7e69388b3750cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55832
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 23:51:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 01:51:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F449 5 KB
842 B 62ms
59ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f651b65de1b9ba23325dc288bb88af5ef00c645cdd204c6d9aab89b392b106e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 06:57:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame F449 2 KB
765 B 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame F449 22 KB
9 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame F449 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame F449 19 KB
8 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F449 0
0 28ms
27ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7Hielm2TFBi8l3e7w_NH5h4qWFxajMoHU2I_Nxp9jD-klPSq825RBukbBOqmjiOib3uP3i5ACY2AsHFn4t3Ag4q0yfg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&adk=601698387&adf=1516740158&pi=t.aa~a.4090970218~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1682583839&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8051441020&ad_type=text_image&format=1140x280&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583839976&bpp=1&bdt=1609&idt=1&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0&nras=2&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8uxNgrfsS9&p=https%3A//twdown.net&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F449 158 KB
48 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame F449 32 KB
13 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:22:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:51 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8BD4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiGpGcK5IVV3usqkpxSIyg&google_cver=1

43 B
766 B

29ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiGpGcK5IVV3usqkpxSIyg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBC6zZbUAxjC-Z3hATAB&v=APEucNV2F_H9jx6QxdLJV8_TvtMQ-vcdZ3ZU3Wn7SiFW-liHuk7fjCEtGi28VSb9nGhcxuHZWMSlcy_sjiDGbs1ek-B96xisJpm8mWmOOIs6SHxAofyGZFGABPwloJPus9zvc1L454RfNN9xOZCqZJpahmk5MJfggFxx7FsWHFR3xWvEEGrMbSE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 08:24:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiGpGcK5IVV3usqkpxSIyg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8BD4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEoxIJyrZj133SeRYf8JJwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiGpGcK5IVV3usqkpxSIyg&google_cver=1

43 B
766 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiGpGcK5IVV3usqkpxSIyg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBC6zZbUAxjC-Z3hATAB&v=APEucNV2F_H9jx6QxdLJV8_TvtMQ-vcdZ3ZU3Wn7SiFW-liHuk7fjCEtGi28VSb9nGhcxuHZWMSlcy_sjiDGbs1ek-B96xisJpm8mWmOOIs6SHxAofyGZFGABPwloJPus9zvc1L454RfNN9xOZCqZJpahmk5MJfggFxx7FsWHFR3xWvEEGrMbSE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 08:24:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiGpGcK5IVV3usqkpxSIyg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8BD4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHeVkaIHeXk8qq2-83my24o&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHeVkaIHeXk8qq2-83my24o%26google_cver%3D1

43 B
1 KB

22ms
21ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHeVkaIHeXk8qq2-83my24o%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBC6zZbUAxjC-Z3hATAB&v=APEucNV2F_H9jx6QxdLJV8_TvtMQ-vcdZ3ZU3Wn7SiFW-liHuk7fjCEtGi28VSb9nGhcxuHZWMSlcy_sjiDGbs1ek-B96xisJpm8mWmOOIs6SHxAofyGZFGABPwloJPus9zvc1L454RfNN9xOZCqZJpahmk5MJfggFxx7FsWHFR3xWvEEGrMbSE

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 08:24:01 GMT
AN-X-Request-Uuid: 2388eca8-a9f0-4d95-8ec9-f647bca459d7
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 95.211.95.246; 95.211.95.246; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Apr 2023 08:24:00 GMT
AN-X-Request-Uuid: 50a638e4-21aa-4254-b5cf-300559a65886
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHeVkaIHeXk8qq2-83my24o%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 95.211.95.246; 95.211.95.246; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BD4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMjg1NzQ4MTIwODY2NTM1OA%3D%3D

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMjg1NzQ4MTIwODY2NTM1OA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 27 Apr 2023 08:24:01 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 95.211.95.246; 95.211.95.246; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9c164fd0-1bf6-426d-899f-553ec60fb275
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMjg1NzQ4MTIwODY2NTM1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 08F9 9 KB
921 B 44ms
37ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 07:45:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 08F9 2 KB
765 B 29ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/ Frame 08F9 22 KB
9 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8790
x-xss-protection: 0
server: cafe
etag: 1446065643150489480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 08F9 3 KB
1 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:52:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/ Frame 08F9 19 KB
8 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230424/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 00:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 6327879953816217519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 May 2023 00:53:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08F9 158 KB
48 KB 60ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 08F9 32 KB
13 KB 41ms
35ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:22:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 12:11:51 GMT

GET
DATA 200
OK truncated
/ Frame 2756 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2842887c2d175e43c47ab01f9871bd4c05e5ad491a6a06f7ee4df421ae7332c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EA00 22 KB
8 KB 39ms
26ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 403154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 16:24:46 GMT
expires: Sun, 21 Apr 2024 16:24:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2756 0
0 59ms
58ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHa-h31YDav_ZrvHbVZM4JkFE_hfUZSQKqrbAEbQekHsFM2eTY5qtojhpu6Vt0pGnocV_O61ykMBmpBggNNzwScgkfl5FDbdUfCggZkKh0CGWBOwTayNBnxInVdTTiphB2HHJKoNsvvhd8v47Hshe-F128pQOew_Y59XAEntJ7HhISiuUl1xy3K0B5WA20B7gYmQSVZFwwpaoHD2v6dZS_3VQt4xrtqDycSF3SXky0sC7xxHkhBKMzHnH4mNwNAH-3XNcniu1MADpiFok9hx3SrJOzWABKy9Cz2s_FlNofQyL145_YgWNZgH67XrEz8wfQETNcjOFPDis9mtvPNo-I4KhxzTuCMXqJ4jGhHwoc4PDGvuNmrd79v0R4UyuuAJJuO0WuXxextirsQC73rL9PH0jU6d9XejADqoeXxh6WgGSlV9GqTHJio4ChWxqIOnXDiOtb_yuV4ZuEYfzl077A2k8o9w_aA-vYO7oKcYThVLMFxv0gaJBFJk6HB1-_k_l-Ou7GHOrJRJ56F5q2gQOCgMs0tFrLcEPyv2TPIRUqdJzhFKkUl1h6CdqmSJAKrRxRQSX3qwtgjV4FXesXN5tWS70FDQV0GOhcg17cugz8Q2dLVBAW5gDszPn6KtnrjAYRwdySAUHjH94GauZtgD6XVii3WeJEsWpgLxk3kiK4Ed3-icukMb2uhkUUUzI4IM8c0Sp3dn0io3yfejqzjlB9kG_Fl5liMjsON_vrJ-nXxZ81to4Eq7JP2pproICOywSy99Mj4XcSmf_QH5eF8x2heh-eTCEkTgxnktr_qQ-AuD_VdXQmB-k0yj9d9s6NnwTRbqYa-RT3fxfo2EiQmob5xA-hPD5CXUc8ppxzeQrT0QLAdoe_RkfXMGZ5n_cem8wHeHwVqsf1YUQrWYhDmooJQR9tJfl0AMxiOfiVTh3umqo3wNe__9MsWXdhKKgjaUPnwdqXEvWREFzn_xpbs4zHUF0FvygVzJFYSZP8ek8eqMrSkAD7Lh6dQJuz970Eqrn0Nrdg-VL87tlTvvPX8LAStUui-Qu-4IbFlWD-T3GsHOoDH5NGD6i150KPnHuC9aSYoc_5Fz9AbvRtfuwrG0qA5DddzeMROo_87LoYfCezr8XlZ4vLxL2eodyLEseOUg&sai=AMfl-YRJ-KbH1nXtP8WEfL-ErK3SFWhGe7A98k7M0V79CJCu-LBle8uf1uYdlWSH7ArRh9FMaOzpWZwryqsdM0BgEK5XqAkG6yZm4Xt_gVz13Yx9CqGXDjlJA3O9w8pV1gED3dQlmq_rLjPw0WOTaL1NVjLmON65juOTXs6reoev21IscRhWLXf83fIugx7mSWUHzCc1wBegEo3khlg1uV7Xxqv-Y523U_w7WJfEpokwjD0&sig=Cg0ArKJSzAKqDBXlan0zEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=394&vt=11&dtpt=392&dett=2&cstd=0&cisv=r20230424.31678&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Apr 2023 08:24:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F449 0
234 B 50ms
18ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lgyuz4pw&c=3819478492320&slotId=1909739246160&qqid=CIu93KDRyf4CFRDbGAodL9cMxQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C45401791%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/db4a31dc6e5c5eb771686aac7146e6f6.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame F449 24 KB
24 KB 143ms
69ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT2LCvoe_lgRzGWPkLI-iX6HeW__Q1kfWUn0dmbOR-_QCexC81_eMLIRXEiUho&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad1763b7d2063b9d4464c514266ca65004906c8871d4601f1c06622ed451a55a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:56:55 GMT
x-content-type-options: nosniff
age: 390426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24674
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 08:36:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 21 Apr 2024 19:56:55 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame F449 23 KB
24 KB 117ms
36ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSFwMKe7-vjFo6RGPzLeGF20CwmVNm_nIL4tt90VZTzR-u8dI37DEByoPfTTyA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

740907647512fc317f2eecdb9887917c6636091b1136cd6891229bbaca89ecad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 21:06:33 GMT
x-content-type-options: nosniff
age: 127048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23967
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 13:56:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 24 Apr 2024 21:06:33 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame F449 30 KB
31 KB 102ms
30ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQQepIaWRUTDW268ejc-SPWT8mh0TMPpwstjGu8-r3HoCQ2KmvT4MUdvZFMCC0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21e90f036453859da167a4295443fd76c668e2f1f1704414d756139a04c9398f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:24:49 GMT
x-content-type-options: nosniff
age: 385152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30913
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 02:02:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 21 Apr 2024 21:24:49 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame F449 46 KB
46 KB 143ms
72ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRNcUenOwYOBqBbf3ULKJJ19jL5mtIf_Cbi-z2e5wjzZVVJTQYGrlD_anQjpoI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bb33d5d0314c2d2fe2d7d40b5239c1836e6312c3477f8b79834f85d98f840dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 05:03:51 GMT
x-content-type-options: nosniff
age: 357610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47251
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 05:14:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 22 Apr 2024 05:03:51 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame F449 19 KB
20 KB 93ms
21ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQxN3EXmXRYzfu66FIgdXJ-ak0RLNYHV3Ps7KPeM7bHulenJvVughBPpB1COg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60738eb614b386d85b9915bd8c1b305853707aecf26ce1bf735d58b507aaa359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:41:04 GMT
x-content-type-options: nosniff
age: 380577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19782
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 01:36:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 21 Apr 2024 22:41:04 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame F449 30 KB
30 KB 150ms
0ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSefeUb0rGO8LZ7cHFeJQ8HAiib1TNgSZOOVmnCNHNqJ0qdapK5SZvCV4X-aA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d62f0ddd34598d19102515f55d6fe76e663cdf21f275786123aba8e6a55787c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 20:16:10 GMT
x-content-type-options: nosniff
age: 389271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30337
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 04:43:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 21 Apr 2024 20:16:10 GMT

GET
H3

200

6750730227827852970
tpc.googlesyndication.com/simgad/ Frame F449
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqu42gEQkAEYkAEyCCjCB-EB92Hx
https://tpc.googlesyndication.com/simgad/6750730227827852970

17 KB
17 KB

56ms
38ms

Image
image/jpeg

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6750730227827852970

Requested by

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b5753580de992cd3b18a968d9c6686c11240546a87d59db39991032bfbeda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:58:00 GMT
x-content-type-options: nosniff
age: 401161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16954
x-xss-protection: 0
last-modified: Thu, 21 May 2020 07:50:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 16:58:00 GMT

Redirect headers

date: Wed, 26 Apr 2023 18:15:09 GMT
x-content-type-options: nosniff
server: cafe
age: 50931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6750730227827852970
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 May 2023 18:15:09 GMT

GET
H3

200

17534842168602648219
tpc.googlesyndication.com/simgad/ Frame F449
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqvVjwEQrAIYrAIyCJNbEGjevPdx
https://tpc.googlesyndication.com/simgad/17534842168602648219

105 KB
105 KB

50ms
34ms

Image
image/jpeg

2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17534842168602648219

Requested by

Protocol

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c250441e89027a8b21d16c4efab1dd338459b0443cf056f7e91431c194a87dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:53:41 GMT
x-content-type-options: nosniff
age: 131420
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107248
x-xss-protection: 0
last-modified: Thu, 21 May 2020 07:50:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Apr 2024 19:53:41 GMT

Redirect headers

date: Wed, 26 Apr 2023 20:09:58 GMT
x-content-type-options: nosniff
server: cafe
age: 44042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/17534842168602648219
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 May 2023 20:09:58 GMT

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame D475 36 KB
14 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 14:43:26 GMT

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame B91D 36 KB
14 KB 93ms
91ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 14:43:26 GMT

GET
H3

206

videoplayback
r4---sn-aigl6nzk.gvt1.com/ Frame F449
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=68b59c4a9442517b&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1682591040&sparams=ip,ipbits,expire,id,...
https://r4---sn-aigl6nzk.gvt1.com/videoplayback?id=68b59c4a9442517b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1682591040&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

172ms
48ms

Media
video/mp4

2a00:1450:4009:19::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-aigl6nzk.gvt1.com/videoplayback?id=68b59c4a9442517b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1682591040&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=139C1554F775A74EDFACAF5F6F32CB470044B298.62170BBC5DB73A89688A6297C24AB0BCE4D84295&key=cms1&cms_redirect=yes&mh=RH&mip=2001:1af8:4020:a034:1000::8&mm=28&mn=sn-aigl6nzk&ms=nvh&mt=1682582973&mv=u&mvi=4&pl=43

Requested by

Protocol

Server

2a00:1450:4009:19::9 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c5016396342b8cbba17ec852021db67110ccc8c0061487b00f37833e44f583a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 27 Apr 2023 08:24:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Apr 2023 11:02:53 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1410617/1410618
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1410618
expires: Thu, 27 Apr 2023 08:24:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:01 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-aigl6nzk.gvt1.com/videoplayback?id=68b59c4a9442517b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1682591040&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=139C1554F775A74EDFACAF5F6F32CB470044B298.62170BBC5DB73A89688A6297C24AB0BCE4D84295&key=cms1&cms_redirect=yes&mh=RH&mip=2001:1af8:4020:a034:1000::8&mm=28&mn=sn-aigl6nzk&ms=nvh&mt=1682582973&mv=u&mvi=4&pl=43
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 714
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F449 0
0 179ms
101ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoAcIIDFKZIutApC2Y6-us6gMscLP8W_oi_fUwhHixrm-wzgQASCt7bogYJEEoAG635v5A8gBCagDAcgDywSqBMkBT9DUxCKhOh687E0fpMUrvgabmqGMccOpoZPhyn6cR3BeDLUkKQ5b2C-eVi9OC6i62FTt55ixxZrCWzvb0QJBROOvk-mVEVpeTEL3o9hMPiHMWCY7TQeLtV0YAOxgCG1eVtmKp-gK9999PzCBH5QdKO4zIA6Q925CSIlUCiQpfpXTMHaprzJZVwBKh6alFcif7zZjsYVgWK1G9VW3h3mHj60Wkg8QFcWwba6lesbDvF-URftbVFETEut-nspBrfv99EINTqzlB4EmwASBi5_fqwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzYP40gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwMQkDXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05MjMyMjUzNTE0NzkyNDUzGAA&sigh=Ufc-61MA_RI&uach_m=[UACH]&cid=CAQSPABygQiD56a3DdBX61d7THZIFGEJlSC-S53jIYdJymhwzbJ2CCw37wH_vJEVgNUl9vS2Lq7sBPbfKGJgwhgB&template_id=499

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&adk=601698387&adf=1516740158&pi=t.aa~a.4090970218~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1682583839&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8051441020&ad_type=text_image&format=1140x280&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583839976&bpp=1&bdt=1609&idt=1&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0&nras=2&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8uxNgrfsS9&p=https%3A//twdown.net&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 27 Apr 2023 08:24:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 68AD 143 B
166 B 122ms
79ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:21:45 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame F198 36 KB
14 KB 35ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 14:43:26 GMT

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame EA00 36 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 14:43:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 31BE 1 KB
643 B 37ms
36ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 72729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 12:11:52 GMT
etag: 48472445140208031
expires: Thu, 27 Apr 2023 12:11:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F449 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0c24de2b871c01c028711705839bdf49972c885144cfc3f630204eef8c8b639

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame F449 18 KB
18 KB 65ms
35ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1977d37efc117e675cf21c6d114cf72a98fc3b9f884227aba814f5ad407a03f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 541118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18560
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 31BE
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKz_AiZ_NmHCtTmzJwnX-8Q&google_cver=1&google_push=ATf1kGMLLWSV16FImyCNQdTeI7YABODJktRG-sEbAvdoQo5pDlDCPJDr5w5ARH_m_FEiX6G3og2P6_kQzxVgn3fa5pnS5XHquD3x
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODMyMTgzMzU4ODUwMDg2OTk4OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKz_AiZ_NmHCtTmzJwnX-8Q&google_cver=1

43 B
398 B

120ms
36ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKz_AiZ_NmHCtTmzJwnX-8Q&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Apr 2023 08:24:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKz_AiZ_NmHCtTmzJwnX-8Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 31BE 35 B
463 B 81ms
22ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED-v-TAb7bIMfkTZMDFv1s0&google_cver=1&google_push=ATf1kGMEoLnW4LhPmhNC684kf5JoOCVQuKOrVvotc7-jGtmqXN_tvgJf5RiEkGLOLkUhgCRnd_QPSXKzU-d-wy5VInttCr-AfuDhaQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31BE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJr3YNgoJWX4NFhiOkbXjk0&google_cver=1&google_push=ATf1kGPvDcdEa_LvK2Ge7nU3pYd6JoQ7x2r15CpkvBpTEyuEywI4k1DOHEpqC0yP_b3H8phKzWJc9G0tzC-3tM-0...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPvDcdEa_LvK2Ge7nU3pYd6JoQ7x2r15CpkvBpTEyuEywI4k1DOHEpqC0yP_b3H8phKzWJc9G0tzC-3tM-0tnrBeBzHaNGT

170 B
188 B

33ms
31ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPvDcdEa_LvK2Ge7nU3pYd6JoQ7x2r15CpkvBpTEyuEywI4k1DOHEpqC0yP_b3H8phKzWJc9G0tzC-3tM-0tnrBeBzHaNGT

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 27 Apr 2023 08:24:01 GMT
Server: MT3 830 785530e master cdg-pixel-x32 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPvDcdEa_LvK2Ge7nU3pYd6JoQ7x2r15CpkvBpTEyuEywI4k1DOHEpqC0yP_b3H8phKzWJc9G0tzC-3tM-0tnrBeBzHaNGT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 27 Apr 2023 08:24:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31BE
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELgJ4s5Dsf4ohvM_-7xQr18&google_cver=1&google_push=ATf1kGNrKwmJI6YEieedtHBpTAWV10a7zGUdPZjI5vLHn3GWsfqoYD7NGmj5q4znFJgtdJrUtfakJlgVORdKG5MJDU3cMVp-_Tpn-w
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A1C12DA6696940748087E0B79B9A16D4&google_push=ATf1kGNrKwmJI6YEieedtHBpTAWV10a7zGUdPZjI5vLHn3GWsfqoYD7NGmj5q4znFJgtdJrUtfakJlgVORdKG5M...

170 B
188 B

32ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A1C12DA6696940748087E0B79B9A16D4&google_push=ATf1kGNrKwmJI6YEieedtHBpTAWV10a7zGUdPZjI5vLHn3GWsfqoYD7NGmj5q4znFJgtdJrUtfakJlgVORdKG5MJDU3cMVp-_Tpn-w

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Apr 2023 08:24:01 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A1C12DA6696940748087E0B79B9A16D4&google_push=ATf1kGNrKwmJI6YEieedtHBpTAWV10a7zGUdPZjI5vLHn3GWsfqoYD7NGmj5q4znFJgtdJrUtfakJlgVORdKG5MJDU3cMVp-_Tpn-w
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 26 Apr 2023 08:24:01 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 31BE 0
173 B 102ms
16ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEF415HzSQb983wiWn70JmZE&google_cver=1&google_push=ATf1kGOQH93yh5jP5Rzg2RMD8qKYAu2mCJSvDDgdlDip065_b9g1Y_JMXHLUmnE9iibNq9-1bMMVnT0p3hR7o8bmb0HJpSNM9iEl7A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&adk=601698387&adf=1516740158&pi=t.aa~a.4090970218~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1682583839&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8051441020&ad_type=text_image&format=1140x280&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583839976&bpp=1&bdt=1609&idt=1&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0&nras=2&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8uxNgrfsS9&p=https%3A//twdown.net&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31BE
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDC3yQRXSKiOuFLl2Ow3XOE&google_cver=1&google_push=ATf1kGPh4hq8H-zx6-V3iXtAl9rlD_e7aU9pUNxbCITggfUsl8m-ST0LWR2NTKP10kirORzMBsWPilbeCkGF0EaKqIhs...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDC3yQRXSKiOuFLl2Ow3XOE&google_cver=1&google_push=ATf1kGPh4hq8H-zx6-V3iXtAl9rlD_e7aU9pUNxbCITggfUsl8m-ST0LWR2NTKP10kirORzMBsWPilbeCkGF0E...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPh4hq8H-zx6-V3iXtAl9rlD_e7aU9pUNxbCITggfUsl8m-ST0LWR2NTKP10kirORzMBsWPilbeCkGF0EaKqIhs7yISdI020g&google_hm=hrFHI6z4Qz6D9JRJ3Hc9pA==

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPh4hq8H-zx6-V3iXtAl9rlD_e7aU9pUNxbCITggfUsl8m-ST0LWR2NTKP10kirORzMBsWPilbeCkGF0EaKqIhs7yISdI020g&google_hm=hrFHI6z4Qz6D9JRJ3Hc9pA==

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPh4hq8H-zx6-V3iXtAl9rlD_e7aU9pUNxbCITggfUsl8m-ST0LWR2NTKP10kirORzMBsWPilbeCkGF0EaKqIhs7yISdI020g&google_hm=hrFHI6z4Qz6D9JRJ3Hc9pA==
date: Thu, 27 Apr 2023 08:24:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 31BE 43 B
351 B 84ms
21ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKBZSussDGG8Gsi-u_AxW6E&google_cver=1&google_push=ATf1kGNFASPTkfaUuT32wt_dE9ryUZOqkeqyJXr7bj717W9TYOzoIxR9D5wNyhBE1C1Zj1j5j0liS5mj4xQdTajoRCaIp3fxQoSTOQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9232253514792453&output=html&h=280&adk=601698387&adf=1516740158&pi=t.aa~a.4090970218~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1682583839&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8051441020&ad_type=text_image&format=1140x280&url=https%3A%2F%2Ftwdown.net%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682583839976&bpp=1&bdt=1609&idt=1&shv=r20230424&mjsv=m202304240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5a54a6098697964-2211e4fbafdd0017%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg&gpic=UID%3D00000bf1712bf2b5%3AT%3D1682583839%3ART%3D1682583839%3AS%3DALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA&prev_fmts=730x90%2C0x0&nras=2&correlator=7335199391172&frm=20&pv=1&ga_vid=1337216479.1682583839&ga_sid=1682583839&ga_hid=572853684&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31074130&oid=2&psts=ABHeCvi52CwusIATt3HzFJpcFAN_VEYkpjZNMhO8sJqYOJBNJDaH4wUmLfv59tJhSmQWdiJm4tjemJZdi7qVTR2PjCqT5w&pvsid=1407607615361016&tmod=1909854798&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8uxNgrfsS9&p=https%3A//twdown.net&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:01 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0q5uvhl49bid1lbuhui7gpoblpjm8umo

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 31BE 0
12 B 29ms
28ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2x4Pge8svdWuvXAjJ8armte9zo80hwiiYyukUlHMz0kbZoxUoveCofMlSdpUgI37eNe6D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 68AD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

80ms
67ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230424/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:24:01 GMT
expires: Thu, 27 Apr 2023 08:24:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:24:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F77 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: twdown.net
URL: https://twdown.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 14:43:26 GMT

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame 223D 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 14:43:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A49 42 B
64 B 112ms
69ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHvjAH9nVvj-02vd7gq5nDpe2PvdQpYZ_wLjR7pFtSl2Ht5iI-QgNfqv_q4yUS45TfUtZMDo2AR3SDbi5TXEWh-GvfGjQx0ltUoEDllYhi1jeyJrDPFiuNkFnr_xvRefEow1ZuNg&sai=AMfl-YQDB2U-VoF3zACfaNkKTXYRkX-Rc5vGFM1yvzxpY8NYq6IxPTPcL4BiBpy545vzomY0V1aaLEGIGHDo&sig=Cg0ArKJSzHa_gEht_Ij6EAE&cid=CAQSGwBygQiD3zc3ivOKcVQnqoD9XdZmMoi-gx_7ixgB&id=lidar2&mcvt=1104&p=0,0,90,730&mtos=1104,1104,1104,1104,1104&tos=1104,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1530463091&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682583838946&rpt=1933&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 118ms
81ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230424&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb5f9b57b63a189c10e86f1b99a7d1fae0d25a7b3f0817b72328eda237be7c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11155
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://twdown.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 08:24:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC92 13 KB
5 KB 48ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 07:21:21 GMT
expires: Fri, 26 Apr 2024 07:21:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 907E 783 B
533 B 67ms
40ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b6661bdb34a0e956f2cc4b7dc9fa3002eb96fe63942aa12fc55a076368ab9471

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Uetl1gIxH1aCUDqZUDhJYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://twdown.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-Uetl1gIxH1aCUDqZUDhJYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Apr 2023 08:24:02 GMT
expires: Thu, 27 Apr 2023 08:24:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA00 0
20 B 90ms
89ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRktAHzFKZLaUAZKeiM0PwuqNoAwAAAAAOAHgBAI&bg=!u7iluOzNAAYfNdXmPzU7ADkAdvg8WuW__FBQ3n6DyZ5iKjIWGX1rDv2BvutBLLiL8R8oiZ8BsvBirbM57tMBqvl0MRgRR2PTbSECAAACaFIAAAAJaAEHmQML9Dg4ZAo-olbKD9FAU7ZqLphZFN9Lyy9u_P4CLb3hxVsdILgo-MWFm8U9MgOJ_Qgt2-bedgQSN_PYZWsgT53GWupJB_SiHUcFSe8b4Cdh9ILe2S38uHe6osXKEe-1V25tYCmEbxnSNoeZYTMPrTqkFy7bjrJ3W-bMmuXNKbrCGC45dK6U8lTfUJY_-flOomF4z8fGP4teja6qKsEKJbS35dmA5y8KBW0vSIqoMOo-Agdbz70WCloe3h7KGK89Iie25m9vKJU8GhQPoYYxLyPATxt9nNEW_axSKNNRi3wW13Mi65_C_L3xyelYp8IiR8dh6vmvTy0gcY8XOdYp6I3P5LWXdX3J4GHVItrJX8O-q7sd7mLmVYUyfOYcxXDWt4muibYeiChigpCAKINtMvet607bBlVO_DxdBaQHVheXLnYRa0Z_2HtMmUbfwjXArhiVUtWTcvdm7ZKf2_gyl-_tAdXW6QK7fraRjdMgeQwpuF8luXBRv4DvAdXS_FIlmpvjJjMNf1s8U9zkX2QRfbRni2SYZVziZwZl9H7MvwJTno1rX9eWIgMp2wYV4cOjgu63kosGiJhStTdaTHuM7r6_QItx2zDmn2fzisyWsCZ5WYWl97hvycZHk3wuib2j6nrsKUkk3dSZfhewdXqVkgdn6tPikVrPOQVYmQsFgyDOy3LTz3TmF2eb0uEWEV9iXIuLdKYsahcCUvkZKq-aNhiPM6mgSB-BcUz6usRCNct1vdQ6iGWnr7ThGJcnNsgiKH0QguFGNVQ8dNdMGYurowocRz26GlJG5Fjcme4anrppVUYPQ83kMTR9__yDYeA2NBbbxyQ2DtjL2Tlnu2dLRd0Ptwp9FY-Ykzm9YG_uykTtAwF-ex64ej-hJ-3ROlij4sY08MKw4V9vkI3oLPXzoUF3NL_VFAiYDw1V5yiBdArgVbUvE7m-anSmf6WiHAWQ1zMLHDNKcB2BitEZ-WuopSdAgplKP7ybbWLPN4lQmD4Q4vdz_P0Ow64aW1Yg5ria9szCBXpOuj9IY6036Bo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 907E 0
0 88ms
85ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230424&jk=1407607615361016&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js Show response
pagead2.googlesyndication.com/bg/ Frame BC92 36 KB
14 KB 36ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w05zGG9qaosOBIL1Kb6OkKtrB9U8AfHvOijkE_qF5Xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 14:43:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2756 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7nVdLZQ6sqDOLqYVlCq2Jzlvf2JE3b565zFvNezhonMQy17OeYY7edk4sA97t823Fa3rOP4PuV2If-CQr8bjWhnPmLZCkvPaXRFzGafIMzy2H-C53OegbSwssxq6p6UYWiVKpbA&sai=AMfl-YQKU-sNwdhJXfR7vjeMorXoBiWTQGvjM9EDQKCb2MkvxTigQ0vPj4QhRRuDLIP2PnMv9jKlB0cYqhGi&sig=Cg0ArKJSzN5TDx9ELgpaEAE&cid=CAQSGwBygQiDpMCM2tU5eN401YiZIr16rGBQLUDUgBgB&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682583840420&rpt=1269&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BC92 0
11 B 26ms
23ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Jwy0hg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 08:24:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame F449 0
45 B 41ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lgyuz4q8&c=3819478492320&slotId=1909739246160&qqid=CIu93KDRyf4CFRDbGAodL9cMxQ&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/db4a31dc6e5c5eb771686aac7146e6f6.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 08:24:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.twdown.net/	1970-01-20 20:59:03	Name: _ga Value: GA1.2.1337216479.1682583839
.twdown.net/	1970-01-20 11:24:30	Name: _gid Value: GA1.2.878724353.1682583839
.twdown.net/	1970-01-20 11:23:03	Name: _gat Value: 1
.twdown.net/	1970-01-20 20:44:39	Name: __gads Value: ID=d5a54a6098697964-2211e4fbafdd0017:T=1682583839:RT=1682583839:S=ALNI_MbVXbF_89aQRE_fjXjrf_X9PAINJg
.twdown.net/	1970-01-20 20:44:39	Name: __gpi Value: UID=00000bf1712bf2b5:T=1682583839:RT=1682583839:S=ALNI_MbX0YLkSoHoFsyAEpuCfpYzVBORnA
.doubleclick.net/	1970-01-20 20:44:39	Name: IDE Value: AHWqTUngMee2KQjrW6A2fNx5ZFPwFHVh6oUTh2ZVh5pl8poM59fAMztACmG3P8q5BKc
.doubleclick.net/	1970-01-20 11:23:07	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 20:08:39	Name: CMID Value: ZEoxIJyrZj133SeRYf8JJwAA
.casalemedia.com/	1970-01-20 13:32:39	Name: CMPS Value: 1159
.casalemedia.com/	1970-01-20 13:32:39	Name: CMPRO Value: 1159
.adnxs.com/	1970-01-20 13:32:39	Name: uuid2 Value: 4212857481208665358
.adnxs.com/	1970-01-20 13:32:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?efQkEi!]tbPl1M>e)ZlrFUfJ+tGXxo3G38^VZfpNn`VJZzSkoG]HTeMjc?1XY1n/Fb3If)y3KL9D3I?+NI$*yI
.quantserve.com/	1970-01-20 13:32:39	Name: d Value: EF0BCQHtKIEA
.quantserve.com/	1970-01-20 20:53:18	Name: mc Value: 644a3121-e491f-bfca2-11b05
.blismedia.com/	1970-01-20 20:08:43	Name: b Value: 644A31216C9F8B74FD1B73C3BLIS
.simpli.fi/	1970-01-20 20:10:06	Name: suid Value: A1C12DA6696940748087E0B79B9A16D4
.mathtag.com/	1970-01-20 20:48:59	Name: uuid Value: bd7d644a-3121-4e00-9d49-e81f5baf9e82
.mathtag.com/	1970-01-20 12:06:15	Name: mt_mop Value: 4:1682583841
.bidswitch.net/	1970-01-20 20:08:39	Name: tuuid Value: 86b14723-acf8-433e-83f4-9449dc773da4
.bidswitch.net/	1970-01-20 20:08:39	Name: c Value: 1682583841
.bidswitch.net/	1970-01-20 20:08:39	Name: tuuid_lu Value: 1682583842
.bidswitch.net/	1970-01-20 11:23:04	Name: google_push Value: ATf1kGPh4hq8H-zx6-V3iXtAl9rlD_e7aU9pUNxbCITggfUsl8m-ST0LWR2NTKP10kirORzMBsWPilbeCkGF0EaKqIhs7yISdI020g
.turn.com/	1970-01-20 15:42:15	Name: uid Value: 8321833588500869989

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.nl
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.turn.com
r4---sn-aigl6nzk.gvt1.com
redirector.gvt1.com
rtb.openx.net
s0.2mdn.net
sync.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
twdown.net
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.130
142.250.185.226
185.29.134.244
185.80.39.216
2001:4860:4802:32::3
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:4009:19::9
2a06:98c1:3121::3
3.120.144.155
34.96.105.8
35.204.158.49
35.227.252.103
37.252.173.215
46.228.164.11
0147b56790c6083ed251188b1f7bd1a026b4accecb54019a35d1b6c42b76ab87
06f3ddbbd0c90766d744b824d27c491995029162c303fb9b9263915d1130b5b8
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb33d5d0314c2d2fe2d7d40b5239c1836e6312c3477f8b79834f85d98f840dd
0e41e3b9bcaf35df3fe050d6149b58d1a8f20d174d33fe63546b19ac10ccc95f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1703a72fa6f4e4c3e4226e77f416e403c9350226515a4addb2dba832adddec33
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1977d37efc117e675cf21c6d114cf72a98fc3b9f884227aba814f5ad407a03f0
199de76cc4b8c6d0b8c9fa75653999071f17e025dd7f25cc6bf3893f8317b9b8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21e90f036453859da167a4295443fd76c668e2f1f1704414d756139a04c9398f
23ba1ac03f76f147ad507064e11ce89134a35d487fd3fa5779a073e5391c7fe1
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2d62f0ddd34598d19102515f55d6fe76e663cdf21f275786123aba8e6a55787c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e1278c804aea9c18fd2e82c80c1dbf7156d3e6b8f09aa6047fabf986f32a66c
3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4959bb4b0d2e0d272cce7d3b768f32c93f3362d47b51751ec64540aeb0e01526
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507018dfa6adae155c6ed3be0bc7611c32354fa700cd248d684eb75c05ae8bf8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564769d95ea349e3a6a0ab89ae661e3ed164e32fe2f845122acbed9f4862d3fa
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
5937ffa71a83ee3c8cafe7646d41e6cce59c39f08564ae676b839d9443ffe752
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60738eb614b386d85b9915bd8c1b305853707aecf26ce1bf735d58b507aaa359
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
740907647512fc317f2eecdb9887917c6636091b1136cd6891229bbaca89ecad
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
90b901db36969bd9faa75d66394b4e468a7a82a142545e76be0e46658e367bd0
9130219613b5666c0dfd666925ca7660f955c35180f4a92798323421773662dd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2842887c2d175e43c47ab01f9871bd4c05e5ad491a6a06f7ee4df421ae7332c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad1763b7d2063b9d4464c514266ca65004906c8871d4601f1c06622ed451a55a
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b559efedf8737c9f893fac2154fcf1223f5a2776b544cc274c6cd81752c83325
b6661bdb34a0e956f2cc4b7dc9fa3002eb96fe63942aa12fc55a076368ab9471
b96845c0eccb0e864e606db06ff08da281117359d9947310de93bcd52038a74e
c250441e89027a8b21d16c4efab1dd338459b0443cf056f7e91431c194a87dae
c34e73186f6a6a8b0e0482f529be8e90ab6b07d53c01f1ef3a28e413fa85e579
c4d37594ef5d6374d399b328db38c048b66b994281eb918e6482df1a00b429e0
c5016396342b8cbba17ec852021db67110ccc8c0061487b00f37833e44f583a6
c744b6a692586443ba57d0995e802e2109827210794b8289d73c87948af1b658
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca2f4f66b334aea047b896927230ba6ba7d0aa4d4a5164bb6d7e69388b3750cd
cb3ec02ec3d192d5c2d080d8e5c09a7386ca5aafe94c49928362e5389b61c3dd
d17032b119ba67ed596d20845b809e9a0ffd10f0dd158b56f892a7993db0139c
d60ad46be856b389b813d757e995daf07fc96a2238a37088bfb7ff058b1b2fe0
e0c24de2b871c01c028711705839bdf49972c885144cfc3f630204eef8c8b639
e21bbccffa9c81627f7a805c8fd84ec651d3423583223681e2b2c0b656448f6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b5753580de992cd3b18a968d9c6686c11240546a87d59db39991032bfbeda3
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ee011146ed8f069603ac7e245b304b39c02a0cd0ca8cf17063ca021bb64b78e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f651b65de1b9ba23325dc288bb88af5ef00c645cdd204c6d9aab89b392b106e3
f73e848b24ad40c15afaf69b53807860a288705b8ebbbbc42479c3361eeb4948
fb5f9b57b63a189c10e86f1b99a7d1fae0d25a7b3f0817b72328eda237be7c72
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ffdc9450b1cf86a9b3d5c99ba6324d80039818f85360f5eda5d42f2d3d9eebeb

twdown.net Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

92 %HTTPS

68 %IPv6

21 Domains

33 Subdomains

28 IPs

5 Countries

3051 kBTransfer

5536 kBSize

23 Cookies

2 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

twdown.net Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

92 %
HTTPS

68 %
IPv6

21
Domains

33
Subdomains

28
IPs

5
Countries

3051 kB
Transfer

5536 kB
Size

23
Cookies

136 HTTP transactions
4 data transactions