tweak-box.com Open in urlscan Pro
2606:4700:20::6819:915 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tweak-box.com/download/
Submission: On March 19 via manual (March 19th 2023, 2:49:27 am UTC) from KR — Scanned from DE

Summary HTTP 77 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 77 HTTP transactions. The main IP is 2606:4700:20::6819:915, located in United States and belongs to CLOUDFLARENET, US. The main domain is tweak-box.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time tweak-box.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:20:... 2606:4700:20::6819:915	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.194.40 13.224.194.40	16509 (AMAZON-02) (AMAZON-02)
1	174.129.77.71 174.129.77.71	14618 (AMAZON-AES) (AMAZON-AES)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
77	14

17 2606:4700:20::6819:915 (United States)

ASN13335 (CLOUDFLARENET, US)

tweak-box.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-40.fra2.r.cloudfront.net

d2fuc4clr7gvcn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.77.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-77-71.compute-1.amazonaws.com

track.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	455 KB
17	tweak-box.com tweak-box.com	294 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32	116 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	58 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	146 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	3 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8720	696 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	607 B
1	gaug.es track.gaug.es — Cisco Umbrella Rank: 241216	389 B
1	cloudfront.net d2fuc4clr7gvcn.cloudfront.net	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	7 KB
77	12

	Domain	Requested by
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	tweak-box.com	tweak-box.com
12	pagead2.googlesyndication.com	tweak-box.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com tweak-box.com googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	track.gaug.es	tweak-box.com
1	d2fuc4clr7gvcn.cloudfront.net	tweak-box.com
1	cdnjs.cloudflare.com	tweak-box.com
77	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
youtu.be
support.apple.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2023-03-02` - `2024-04-01`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://tweak-box.com/download/
Frame ID: C53E6504B7EDA4D9E37575F44CE197A0
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: 2B07E394CCC16A5CBDDC915E88E5D49D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367824146894034&output=html&adk=1812271804&adf=3025194257&lmt=1678026652&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftweak-box.com%2Fdownload%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679194162626&bpp=9&bdt=220&idt=81&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=968790082582&frm=20&pv=2&ga_vid=745168671.1679194163&ga_sid=1679194163&ga_hid=1808647061&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072951%2C31073141%2C44786632%2C44786920&oid=2&pvsid=2680666830825944&tmod=421911203&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=116
Frame ID: 0201F9511601409702180BA98362C5BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367824146894034&output=html&h=280&adk=4264223441&adf=1771490913&pi=t.aa~a.1712659698~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678026652&rafmt=1&to=qs&pwprc=5166825385&format=1200x280&url=https%3A%2F%2Ftweak-box.com%2Fdownload%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679194162635&bpp=2&bdt=229&idt=113&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=968790082582&frm=20&pv=1&ga_vid=745168671.1679194163&ga_sid=1679194163&ga_hid=1808647061&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072951%2C31073141%2C44786632%2C44786920&oid=2&pvsid=2680666830825944&tmod=421911203&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uYBFqlISx5&p=https%3A//tweak-box.com&dtd=117
Frame ID: E018CABCB3D8E5954FE13C3E02580273
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: EBDD0EA54987603DF60A8A0A175127C5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Frame ID: 70127C10EAAA96A7A6274CEFC9611BE4
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 109C6304B016E3D8447D529C6C71CC25
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EDDE29B344364380CD14D1711570DB14
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: 87E19843DABA8CEDCAFA7019CC3B2CEA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: ACAA806B15E674FEBBF2D7F148BA6254
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Frame ID: D64892F251FA13985A29AB1FB8368449
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1997A5BB8F19343C0BD2005EA9183120
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD6D489949AB51E817DEED61A541AD71
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download TweakBox App ( How-to Tutorial )

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

77
Requests

100 %
HTTPS

85 %
IPv6

12
Domains

15
Subdomains

14
IPs

2
Countries

1082 kB
Transfer

2920 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/tweakbox/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://youtu.be/hdP2rd64vl4
Title: YouTube

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-in/HT205347
Title: steps here

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/HT204234
Title: Put your device into Airplane mode

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-in/HT201954
Title: warranty being voided

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tweakbox.store/
Title: https://www.facebook.com/tweakbox.store/

Search URL Search Domain Scan URL

URL: https://twitter.com/TweakBox111
Title: https://twitter.com/TweakBoxApp

Search URL Search Domain Scan URL

URL: https://twitter.com/TweakBoxApp
Title: https://twitter.com/TweakBoxApp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

77 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tweak-box.com/download/ 204 KB
38 KB 75ms
25ms Document
text/html 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b96b8172d670abd297fd521edfe9981daec29b4724842a43705869241912f1e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1166725
cache-control: max-age=31536000
cf-cache-status: HIT
cf-ray: 7aa266dadd9c9213-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 19 Mar 2023 02:49:22 GMT
expires: Sun, 05 Mar 2023 14:43:57 GMT
last-modified: Sun, 05 Mar 2023 14:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD29ZSpsqYDumGeVW5fQXYr7BPXZKZRViqDne%2FGCBZRwXfPxtec2ss766IwCFGeaQNlp%2FncbeHESPYshewkq0fO9O65dPHbvmnw7HjmDqIT385ImY92NCIS3ij4wywOHcqWCXeclGfJggSg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 ratemypost.ttf
tweak-box.com/wp-content/plugins/rate-my-post/public/css/fonts/ 5 KB
3 KB 21ms
19ms Font
font/ttf 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f

Request headers

Referer: https://tweak-box.com/download/
Origin: https://tweak-box.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 06:59:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2549565
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b97u8iLkKiJ8WDrnIZD2kEG%2BdFWmbAPSok3xCQPF1BI3zxvURk%2BAJ4pyPUSyn0PhQ18ZzgbwhDLxeSR3QQ271r3D0jQ3sJayIzRNjHcpBbarVfJQ9wksoFhPUkMk7NMB%2BA3o3t0hOu%2By3Wg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=31536000
cf-ray: 7aa266db2dbe9213-FRA
expires: Sat, 17 Jun 2023 14:36:37 GMT

GET
H2 200 style.css
tweak-box.com/wp-content/cache/min/1/wp-content/plugins/wptouch-pro/themes/foundation/default/ 22 KB
7 KB 17ms
15ms Stylesheet
text/css 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/cache/min/1/wp-content/plugins/wptouch-pro/themes/foundation/default/style.css?ver=1676643981
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8809f39a7b6fa8f457102b6fa5b8ba97af706c45435227d71d27c995c19e25b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 14:26:21 GMT
server: cloudflare
age: 787710
cf-polished: origSize=22502
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkEIm4s4uU5tnX9On4dDk5gMaEUZ50f0GG7PVuIA3qUCubOi3CpM7ba0hv5wb7pTlToaJd45Efftng7kOe7RN7y17lLlGqOMb7ZTtDbHxIc6PE5tKRskFxRzbu39lioXPhPqhDOQlsSTw6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db2dc09213-FRA
expires: Sat, 09 Mar 2024 00:00:52 GMT

GET
H2 200 classic-themes.min.css
tweak-box.com/wp-includes/css/ 217 B
465 B 20ms
18ms Stylesheet
text/css 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 07:06:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2549565
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znMHqcIR3JPr8Nj1vl1p%2BDRoN%2BG2PUC2nv1ZDy73L5HlbVPqe4J07njtjkGgIY2vQUR%2BZVasds9wgvGfQMhqNNL4C6xS%2B0T%2Froskxk0ES4%2BfFZK%2Fyy0ycpuXqJl%2FobMwwrw1kc52NDFKOHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db2dc19213-FRA
expires: Sat, 17 Feb 2024 14:36:37 GMT

GET
H2 200 rate-my-post.css
tweak-box.com/wp-content/cache/min/1/wp-content/plugins/rate-my-post/public/css/ 10 KB
2 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/cache/min/1/wp-content/plugins/rate-my-post/public/css/rate-my-post.css?ver=1676643981
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3d170cc7ec7d8ce2c47e64ab73aca0da7c6dadf2e66f30f07a9c70ec9e2f593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 14:26:21 GMT
server: cloudflare
age: 2549608
cf-polished: origSize=10771
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76oZGsBEqbhMLapGTmgfHWT9XEgcz9r%2Bgrv28mRV%2B6aP5hOVzqlOli5CFivTWCeDFozytJmGueolN2w2x3Eg%2F8qGJz2cDUJJ5k%2B%2BYjU9JIElnoSjlIYvRT6lxOKPQR70Rxmns1FX186Cy5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db2dc39213-FRA
expires: Sat, 17 Feb 2024 14:35:54 GMT

GET
H2 200 screen.min.css
tweak-box.com/wp-content/plugins/table-of-contents-plus/ 1 KB
721 B 19ms
18ms Stylesheet
text/css 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2212
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 06:59:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2549565
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tDmXjuQY7frMhAYRj5PL4ENTGgP3LKEaL0%2F7MDjNMGWpzna0%2Bg1Lh9%2BuBer1uABFHkqsKHtlI2pVz0xK9h4lAN8KTZhpggPZNwLlxBgUJOSBWArc%2BzQRpV12P%2FXqsFPFwaArK2t2aKcHOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db2dc49213-FRA
expires: Sat, 17 Feb 2024 14:36:37 GMT

GET
H2 200 style.css
tweak-box.com/wp-content/cache/min/1/wp-content/wptouch-data/themes/bauhaus/default/ 17 KB
4 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/cache/min/1/wp-content/wptouch-data/themes/bauhaus/default/style.css?ver=1676643981
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c145f5f47b58e72811ff0a2b2bd2f4e63d3a6ade08c96e7271a6ec9f3f17bdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 14:26:21 GMT
server: cloudflare
age: 2549608
cf-polished: origSize=16937
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41%2BtNmhPBK6bIJTEOgql0P3LT4yT%2FPrxhILY0u1QKr8S05aOZtNNVd7mk7oV0xt3iQ9%2Fmvx0ttvhwUMPNq3GNWntL3nQrM%2F9DsLVRns4qdq%2BdMfKmXpbqAh6Rb7peYkNm4xuYvWfLYsjuTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db2dc59213-FRA
expires: Sat, 17 Feb 2024 14:35:54 GMT

GET
H2 200 button-styles.css
tweak-box.com/wp-content/cache/min/1/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 151 KB
48 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/cache/min/1/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=1676643981
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f66d7cc6eac121652784cd3913397795decbd586dd1e32189357eca6104e60b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 14:26:21 GMT
server: cloudflare
age: 2549608
cf-polished: origSize=154873
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBStOTRLx2Q0YzFPHn8VRIbG33bMckxGsCgPMshrvm0RSpDDKdrsUU6Ztk8Ljeus2BnSGyNyvXOaUK7lzkrNMP2c2VdHJaQPo0DzMqaKL1D5Liybt9SFPKWaCV6k4lPQjk3kupckota%2B%2BC0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db2dc79213-FRA
expires: Sat, 17 Feb 2024 14:35:54 GMT

GET
H2 200 navigation-branding.min.css
tweak-box.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 3 KB
983 B 18ms
17ms Stylesheet
text/css 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css?ver=2.2.2
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 06:59:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2549565
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYMw6KxhVl%2Bv1jfNWrFPqSyJiw9Sl7m6hNaFhc0eGhC6cEYATdg%2FNZ32ci7ZswqJnm55zgGgYIuYDjdWgIIDr6IXGQfda9S4qyCD7kvlsvKqcqe9WOX0qfgIp%2F5hYWmcfI9YTnKYT6TWt5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db2dc89213-FRA
expires: Sat, 17 Feb 2024 14:36:37 GMT

GET
H2 200 cookieconsent.min.css
tweak-box.com/wp-content/cache/min/1/ajax/libs/cookieconsent2/3.1.0/ 4 KB
1 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/cache/min/1/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css?ver=1676643981
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 459386386a93a7e2f17759288436f8ed0c24a62dfb118bd85495c7b1d9c39aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 14:26:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2549608
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3aDTY8orgjcA3P5c4dIL%2BR3fGv6Rg8hVJ7UprO%2FCm7bTFY0%2FqhOknCQ5ZKL1ejGxCBtaQ4nTBC7Vjxy08qdQ9xSpLMKvzqsFWsX0GbAOPYdoJJD%2FcW04I362sQ5x431hFUl9CZcxiBn15E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db2dc99213-FRA
expires: Sat, 17 Feb 2024 14:35:54 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
7 KB 35ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: tweak-box.com
URL: https://tweak-box.com/download/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 809061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBKYJyhA%2FwDOMHKAZ57pYytZjsEkSMydcQlIGxxhTEGxKh0kTMFA6so16wyLuPC1r6fGDTXGYzQxm9VGY4gZiofZAbbc3jB63%2B4VacGbD4J4e92E27QyBeHw3Nwc3ifGlGDFkntv60urAlPm4TUJiNhC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aa266db5f0c695d-FRA
expires: Fri, 08 Mar 2024 02:49:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 46ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tweak-box.com
URL: https://tweak-box.com/download/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbcda3d77e8a7beb6db433e3ac6419500a208e896451bf352ba2c1c43f9aea9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48802
x-xss-protection: 0
server: cafe
etag: 13258869787624032705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 02:49:22 GMT

GET
H2 200 49badd109f7b4908834ce6986a8d1ffc.min.js Show response
tweak-box.com/wp-content/wptouch-data/power-pack/js/ 252 KB
75 KB 24ms
23ms Script
application/javascript 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/wptouch-data/power-pack/js/49badd109f7b4908834ce6986a8d1ffc.min.js
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbe1c44b6c86a4646595f9943f3e969e041fd9bf7b156db1e736076908c9609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 07:06:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2549608
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Pc3Q6zK1qgvZhu%2BsGVXOKnWhwd7a2FZn9kZWuXdlfr2vPZmlPLKhGbcEwjKN%2BN7fF157FBloXbicqzTbOmIa1lYE2X4ohg9zpMNEkuQIwKhvHsppZVyVvyY8qeA8nDhbC0eGr%2FREyxsWmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db3dce9213-FRA
expires: Sat, 17 Feb 2024 14:35:54 GMT

GET
H2 200 lazyload.min.js Show response
tweak-box.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 16ms
16ms Script
application/javascript 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Feb 2023 07:15:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2549565
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Y6bYLu4w8NpcM%2Bpx0Be8hFPjyLFD54dATvMDAbu8m9d9rtJccav%2B43IuihpgLnIyLB8hlFLLAN9uBBvVg5A6vwMqd%2BpZrdSVRUTDBAtt%2FF7Uo74omAljeeW3Z0UG5iHCIMLh2TRyEz%2BNdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa266db3dcf9213-FRA
expires: Sat, 17 Feb 2024 14:36:37 GMT

GET
H2 200 track.js Show response
d2fuc4clr7gvcn.cloudfront.net/ 4 KB
2 KB 62ms
6ms Script
application/javascript 13.224.194.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fuc4clr7gvcn.cloudfront.net/track.js
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-40.fra2.r.cloudfront.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 01:48:01 GMT
content-encoding: gzip
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified: Tue, 16 Aug 2022 10:33:40 GMT
server: nginx/1.10.3 (Ubuntu)
x-amz-cf-pop: FRA2-C1
age: 3681
etag: W/"62fb7284-ef5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KJ5L-3b_nwO27Mc5pQBMOKD9sjGEMN7YuxawW1GQRQmX-oFvo0x1Pw==

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11fcbd228e7d2b1ba69bf1863b629404fc8fc3ca082e24ac9995b7ba5c7bf1cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb7aa09b79b66c5bc6ed77d79e9fa2ec0b9506425aeed88e6f0ff11caba20ec1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e484ff30e57dd8f71b59d5316ed5c841a2072d12dcae42ad190e9a4df1d5dc41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81795d045f90914dd0143a6001ad86d3501fe33a5fd53b44e6044f888a0f0d42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0467a03317b86251ab70b7da2cd4b1b01a859aa2ff9c7a63581d15463f83822

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08638702d8b9298de365c6332ce5c28e2164f051a69d75459f44facc9062b6ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 wptouch-icons.woff
tweak-box.com/wp-content/plugins/wptouch-pro/themes/foundation/modules/wptouch-icons/font/ 11 KB
11 KB 15ms
14ms Font
font/woff 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/plugins/wptouch-pro/themes/foundation/modules/wptouch-icons/font/wptouch-icons.woff?64777116
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/wp-content/cache/min/1/wp-content/plugins/wptouch-pro/themes/foundation/default/style.css?ver=1676643981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ebf0f65fdbf1e57713f094f426e2f5dbba1a819dfd1959fe4b4e92a2e698aa

Request headers

Referer: https://tweak-box.com/wp-content/cache/min/1/wp-content/plugins/wptouch-pro/themes/foundation/default/style.css?ver=1676643981
Origin: https://tweak-box.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 06:16:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2538713
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98cWfyS0FbAIoDhVn%2FbGATvfG8i3hSFwwKjTR9g%2Fv2TwvuxZJzNhFxG2MpIkL8ol6%2Bw2JSrDMbBZENV9tRTSnijeaWMNi0YiBgd2flzBEwchkbenAjFYOL1Qpc34PmmHY2pI%2FTvm0x5%2FQ90%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=31536000
cf-ray: 7aa266db8e029213-FRA
expires: Sat, 17 Jun 2023 17:37:29 GMT

GET
H2 200 fontawesome-webfont.woff
tweak-box.com/wp-content/plugins/forget-about-shortcode-buttons/public/fonts/ 43 KB
44 KB 15ms
14ms Font
font/woff 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tweak-box.com/wp-content/plugins/forget-about-shortcode-buttons/public/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/wp-content/cache/min/1/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=1676643981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Referer: https://tweak-box.com/wp-content/cache/min/1/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=1676643981
Origin: https://tweak-box.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 06:59:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2548129
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98V12ivgtN3dyXZJ1EBjGRis%2B9V%2FSgfoam%2B9iSovMGhusoe1kak6wTfdgnBI9wvGPifAxfiptxHshT1Un0AdYW7SkRAIaCumj%2BRGecgRq5IemXDfvhjUHC4X2%2BkJ1RdpepJ6ir%2BTu2Bow9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=31536000
cf-ray: 7aa266db8e049213-FRA
expires: Sat, 17 Jun 2023 15:00:33 GMT

GET
H/1.1 200
OK track.gif
track.gaug.es/ 35 B
389 B 427ms
108ms Image
image/gif 174.129.77.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.gaug.es/track.gif?h[site_id]=5b4ee4c3644ee5449990ea12&h[resource]=https%3A%2F%2Ftweak-box.com%2Fdownload%2F&h[referrer]=&h[title]=Download%20TweakBox%20App%20(%20How-to%20Tutorial%20)&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1679194162613

Requested by

Host: tweak-box.com
URL: https://tweak-box.com/download/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

174.129.77.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-77-71.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Mar 2023 02:49:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 19 Mar 2023 02:49:22 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 350 KB
117 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367824146894034&plah=tweak-box.com&bust=31073141

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a084a79a1f9a77ea92ef29d143d59c0e248077ad129367b2e157a15c7967ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119662
x-xss-protection: 0
server: cafe
etag: 11912091310898777958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 02:49:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame 2B07 10 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tweak-box.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 22:45:27 GMT
etag: 2378337311435320485
expires: Sat, 01 Apr 2023 22:45:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tweakbox-original-120px-small.png
tweak-box.com/wp-content/uploads/2018/10/ 2 KB
3 KB 17ms
17ms Image
image/webp 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tweak-box.com/wp-content/uploads/2018/10/tweakbox-original-120px-small.png
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40d6e5334aafc3d5cbd6f66ff740e926dac417a76c6228ea7de1213198a726cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 790639
cf-polished: origFmt=png, origSize=3226
content-disposition: inline; filename="tweakbox-original-120px-small.webp"
content-length: 2538
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Nov 2018 05:39:14 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yv%2FwS89hpncAxlMy79zDLXiTu8T%2BvsJ3fxwxWAVWRzsTAmDKgcK2x1ztnoEXnHJskLw9sa03wDieH6IKh51ZuLXrXY7voP8bY%2B6E3kGbjRySHt9%2BtAItd1wOr6BxvhNYg7B1fqfL%2Frzualg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aa266dc9e919213-FRA
expires: Fri, 07 Jul 2023 23:12:02 GMT

GET
H2 200 profile-settings-open.png
tweak-box.com/wp-content/uploads/2021/01/ 14 KB
15 KB 20ms
20ms Image
image/webp 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tweak-box.com/wp-content/uploads/2021/01/profile-settings-open.png
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e34160e45600d529bf9c54e5918783aa6dc8fd10dd6ede2ac853bd29db5d8f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160666
cf-polished: origFmt=png, origSize=22555
content-disposition: inline; filename="profile-settings-open.webp"
content-length: 14788
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Jan 2021 06:47:33 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewyBPlQAg3Tdj0TpiGBYcuL5TliHVQejuvJ0IrEigufaY755t55bezuiXkUtGhU%2BuGRw4u1dlPyVtoV0G0irev3uBQHnikkTH9fm3YIQqRvVEG35E3tJHNnbQcTE3n3hlBS6IwMI3Se2hc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aa266dc9e939213-FRA
expires: Sat, 15 Jul 2023 06:11:35 GMT

GET
H2 200 tweakbox-app5_iphone12promaxsilver_portrait_image.png
tweak-box.com/wp-content/uploads/2021/01/ 35 KB
36 KB 20ms
19ms Image
image/webp 2606:4700:20::6819:915
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tweak-box.com/wp-content/uploads/2021/01/tweakbox-app5_iphone12promaxsilver_portrait_image.png
Requested by: Host: tweak-box.com
URL: https://tweak-box.com/download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:915 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d440d43261c28cbb01bbc31d3190dfc4273bffb38ab69cb0bc1f90e1862c25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2548274
cf-polished: origFmt=png, origSize=51625
content-disposition: inline; filename="tweakbox-app5_iphone12promaxsilver_portrait_image.webp"
content-length: 36088
cf-bgj: imgq:100,h2pri
last-modified: Thu, 07 Jan 2021 06:41:31 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ql5zE8PAFYFEkj94ryVEPzhaGNntTyk6KPg2wN402BHX8MMTaCDXoWz4AyTCtew2TmocnzOces2rmo0BBJCpolpYKo3BebE3zxeRC%2BORrjxpiPJEz4XVfmSHrQiD32f%2Bv2yaDVF6sbM%2Byuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7aa266dc9e949213-FRA
expires: Sat, 17 Jun 2023 14:58:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
607 B 36ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tweak-box.com&callback=_gfp_s_&client=ca-pub-2367824146894034

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2367824146894034&plah=tweak-box.com&bust=31073141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33bc5d25671022d6b8c637a434d9b224413880baccd870ac5d9799b0378ce30d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 68ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tweak-box.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 41ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tweak-box.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0201 274 KB
68 KB 765ms
764ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367824146894034&output=html&adk=1812271804&adf=3025194257&lmt=1678026652&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftweak-box.com%2Fdownload%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679194162626&bpp=9&bdt=220&idt=81&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=968790082582&frm=20&pv=2&ga_vid=745168671.1679194163&ga_sid=1679194163&ga_hid=1808647061&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072951%2C31073141%2C44786632%2C44786920&oid=2&pvsid=2680666830825944&tmod=421911203&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=116

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6007e52306f0498f2c458afaccc845436d4aae4af8c8aa7db55c5f3f7f42007e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tweak-box.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 69312
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 02:49:23 GMT
expires: Sun, 19 Mar 2023 02:49:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E018 99 KB
34 KB 1167ms
1167ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367824146894034&output=html&h=280&adk=4264223441&adf=1771490913&pi=t.aa~a.1712659698~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678026652&rafmt=1&to=qs&pwprc=5166825385&format=1200x280&url=https%3A%2F%2Ftweak-box.com%2Fdownload%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679194162635&bpp=2&bdt=229&idt=113&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=968790082582&frm=20&pv=1&ga_vid=745168671.1679194163&ga_sid=1679194163&ga_hid=1808647061&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072951%2C31073141%2C44786632%2C44786920&oid=2&pvsid=2680666830825944&tmod=421911203&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uYBFqlISx5&p=https%3A//tweak-box.com&dtd=117

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05f9258bd1f66c63949a3d6bacb99be507e5176e7e6fcc1731cd8d955b0c276b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tweak-box.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34444
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 02:49:23 GMT
expires: Sun, 19 Mar 2023 02:49:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 149 KB
51 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/reactive_library_fy2021.js?bust=31073141

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ada77a46fa58f248b5a5357304feec5df14492142e83a160075f454728eeba79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52111
x-xss-protection: 0
server: cafe
etag: 11503544524224331553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 02:49:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tweak-box.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tweak-box.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame EBDD 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tweak-box.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 23:21:33 GMT
etag: 2378337311435320485
expires: Sat, 01 Apr 2023 23:21:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/ Frame 7012 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tweak-box.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 23:21:33 GMT
etag: 2378337311435320485
expires: Sat, 01 Apr 2023 23:21:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame EBDD 4 KB
1 KB 36ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Mar 2023 02:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Mar 2023 02:23:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Mar 2023 02:49:23 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EBDD 205 B
650 B 26ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:42:41 GMT
x-content-type-options: nosniff
age: 29202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Mar 2024 18:42:41 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EBDD 604 B
695 B 27ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 19:47:18 GMT
x-content-type-options: nosniff
age: 25325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Mar 2024 19:47:18 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/ Frame EBDD 13 KB
6 KB 56ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1117d4af14736c84ce696b807780ddb3396fdee9617ca9a4eb2e70c33cead5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:01:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6047
x-xss-protection: 0
server: cafe
etag: 139590074101847282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 04:01:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/ Frame EBDD 20 KB
9 KB 44ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 16448057571289220057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:18:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7012 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7jlzMngWZPG7LsPTx_APi--hGMvexsRvsKCAvIQR2dkeEAEgiJuUFWCV4pCCoAegAZyv-6gCyAECqAMByAPJBKoE1AFP0O1L4kNedjYeXodl41jBpuY2vaR4O3-Ie7UOisnZvcaNCtPK_92KNW4vSXjHMu7O9fNS0oxuH-5UqONhXRKoQ5-GDD4tpvkeiRmps_RwVpTmhW7lT4szNC-3-Es5iujMsMMSgOgUx-UESpuAbdodWNTbkt0Hbp4e1TnKxcg4ZLOrFrKvE92mGlP6-_47Zw-728-slYGTOPNAids-922UHDREyAwVQ3W0_MuzjWZk6TBHhmAeJjyzIy0VFQracAZMqBV2vzeP1plrSD3WO2gvAcj2NsAEmoKa06cEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ89dK0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjM2NzgyNDE0Njg5NDAzNBgA&sigh=lfntaXG1ifI&uach_m=[UACH]&cid=CAQSGwDUE5ymouOMSKnZw4SnDnF2-yt6hgxoBzAhvhgB

Requested by

Host: tweak-box.com
URL: https://tweak-box.com/download/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Mar 2023 02:49:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Mar 2023 02:49:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 7012 22 KB
9 KB 41ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:08:28 GMT

GET
H2 200 12717308767322787810
tpc.googlesyndication.com/simgad/ Frame 7012 38 KB
39 KB 42ms
12ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12717308767322787810?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnb7d6-Ot7cpfctUgAjuv5PXtezTQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e127309b27e4aff1481f552a631d0992289f1d41b0f3c9cc03756bb34ab77dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 11:32:57 GMT
x-content-type-options: nosniff
age: 227786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39292
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 11:47:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Mar 2024 11:32:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 7012 3 KB
1 KB 39ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 15:43:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 15:43:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 7012 20 KB
9 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:07:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7012 158 KB
49 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 02:49:23 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 7012 34 KB
14 KB 46ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b21d3c84a56e96a787129c9b016a36df3ee65aadec3d5c693c5e88eb808e76de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13869
x-xss-protection: 0
server: cafe
etag: 12751962951837030032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:15:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 109C 8 KB
968 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Mar 2023 02:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Mar 2023 02:25:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Mar 2023 02:49:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 109C 2 KB
846 B 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:12:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 109C 22 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:08:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 109C 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 15:43:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 15:43:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 109C 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:07:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 109C 158 KB
48 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 02:49:23 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 109C 34 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 04:57:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDDE 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 01:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7012 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8c1257ad09fd9757f8cf3ade9d62e9aec5edf8104531066943a755fa41b0dca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame E018 8 KB
895 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367824146894034&output=html&h=280&adk=4264223441&adf=1771490913&pi=t.aa~a.1712659698~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678026652&rafmt=1&to=qs&pwprc=5166825385&format=1200x280&url=https%3A%2F%2Ftweak-box.com%2Fdownload%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679194162635&bpp=2&bdt=229&idt=113&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=968790082582&frm=20&pv=1&ga_vid=745168671.1679194163&ga_sid=1679194163&ga_hid=1808647061&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072951%2C31073141%2C44786632%2C44786920&oid=2&pvsid=2680666830825944&tmod=421911203&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uYBFqlISx5&p=https%3A//tweak-box.com&dtd=117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Mar 2023 02:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Mar 2023 02:13:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Mar 2023 02:49:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame E018 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:12:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame E018 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:08:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame E018 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 15:43:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 15:43:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame E018 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 18:07:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8617
x-xss-protection: 0
server: cafe
etag: 263085479041318444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 18:07:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E018 158 KB
48 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 02:49:23 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame E018 34 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 10:19:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 04:57:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E018 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQaLKMngWZKeEL8TYx_AProGd4AHL6OrNbbS_tMurEcy75J3kCRABIIiblBVgleKQgqAHoAHz08vTA8gBCakC1WC00sPmsT6oAwHIA8sEqgTtAU_Q-izjs67BO8J7ugzg09XnyTMAPnARIxU1wVxCRwmF-Ij78vgrcLpfC1aeuWwsdZemZZNSh0jVf_uUQHO2c2otUOiIz0CsVDMc48tTw_wluaxnhgyn9yUBGx4fjmaLaSX6TAXN0oI3DMn0KgnvxwsMVHjbmFCDdv-NcagN1AM6e3EBvwMeu3axJSIPyXvayLD6erJB0rdDGMON-R8yMbjMEwsyQQSvMX-MQIkwBlb_TzCXJCBORnvTLGKdREhugENM169BC7B7O2BDKjKTO-UR4wRJ8UmU5xSe_QhHUBEAj5F6jjLbUhS3spHufcAE4MmP7pkEkgUECAQYAZIFBAgFGASgBi6AB8-Xui-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD1zUrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yMzY3ODI0MTQ2ODk0MDM0GAA&sigh=XZo5TbCvL1Q&uach_m=[UACH]&cid=CAQSGwDUE5ympFrRO711I6YfafWiFYgX9NelDlsE5BgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2367824146894034&output=html&h=280&adk=4264223441&adf=1771490913&pi=t.aa~a.1712659698~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1678026652&rafmt=1&to=qs&pwprc=5166825385&format=1200x280&url=https%3A%2F%2Ftweak-box.com%2Fdownload%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679194162635&bpp=2&bdt=229&idt=113&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=968790082582&frm=20&pv=1&ga_vid=745168671.1679194163&ga_sid=1679194163&ga_hid=1808647061&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31072951%2C31073141%2C44786632%2C44786920&oid=2&pvsid=2680666830825944&tmod=421911203&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uYBFqlISx5&p=https%3A//tweak-box.com&dtd=117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Mar 2023 02:49:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 87E1 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js

Requested by

Host: tweak-box.com
URL: https://tweak-box.com/download/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 14:00:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDDE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
18ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 02:49:24 GMT
expires: Sun, 19 Mar 2023 02:49:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 02:49:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js Show response
pagead2.googlesyndication.com/bg/ Frame ACAA 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 14:00:42 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17433254192864299144/ Frame E018 36 KB
36 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17433254192864299144/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b62b584abd0206f819f43b501ed33c99234a6b73e91207a38f7ce5fcbb1501c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:22:51 GMT
x-content-type-options: nosniff
age: 257192
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37203
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 09:36:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Mar 2024 03:22:51 GMT

GET
DATA 200
OK truncated
/ Frame E018 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E018 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E018 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1505bd399ee34ac050e2f590052808fab42db33c7f9ff803af7536fe3206c35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E018 28 KB
28 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 294233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 17:05:31 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 36ms
22ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

206fe229eeecddcadc4e14a70ff25ee2b1f4298c2471e864519dfd5211dea5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11266
x-xss-protection: 0

GET
H3 200 KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js Show response
pagead2.googlesyndication.com/bg/ Frame D648 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 14:00:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 02:49:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1997 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tweak-box.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 15:43:29 GMT
expires: Sun, 17 Mar 2024 15:43:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BD6D 783 B
970 B 17ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d173dbbad2b7c05984272c656dd6225b6c8875ef89f30ae593f61156b51b1919

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kFiqRouCS83js_tJ5xHRCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tweak-box.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kFiqRouCS83js_tJ5xHRCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 02:49:24 GMT
expires: Sun, 19 Mar 2023 02:49:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1997 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 14:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 14:00:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD6D 0
0 41ms
41ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=2680666830825944&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1997 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oEqL7A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:49:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=2680666830825944&bg=!5uWl5bHNAAZEjmHWZI47ADkAdvg8WtxU9kItqSW96_mgRxU9TAqtz3S8f_2rR4gD9ZcnHhjA5IszHdZOEMY6spA2MY4KDBDCWdECAAAAT1IAAAALaAEHCgAVQBAhlEruq5EiFdMZIe46q3kkOnXHmQKUmOAswu3nSz1nvwx6P71aRuffmaLQ5nfffBdF1yp3kxTQYuhhj2g8hEqsd93javddH6cPS8hY45v6nP-M2oj7RQ31QsMCIKIBRCiIDt7S7mDBeX7OMDC7TompvpBb8J0I949M3o7a1wWaDQSqE9uFJlYz7xVWZkBleceWO6RUi4pPx_ZWQ_OKM6WANhJ9HPKv4Pj8QBuubCA1Xz2rf1dRlgZt5J0SXjcsIr2507YLqe2ewVGUDC9S0Ch7ydHkYLhnbyzJv2m1l6tB0lHrUrGaXB-8iq026P_BuH1uU2KDdrNV33UCgBqEYbKdGkXZOX1stEjtTzb4ICRETtHFZxckmaJYbFq7vQASUXtnVmviMMaVwhCV29OfGrcFuReh_bYeIFDs9J8-HAqosBor3C9Jg5OCDEwXcJHe6BTNvEi_paTOgWD9hlUwqY-MsrPIb0UkSeIB_GpgAXMyhlN1OiBfPugRVmcfnlVbIlu7isNSrePQiClAxY3axN2vCxrNJz1P765e85Oh7MXEqAY4KJkr1hQ62drd8G4c5StElBvD2GXyglATfxlUfBdxvRUhdEzFO8f0-BWHKHbj_nHppnE23bB6BPxwrsIBZa0smofGkCcd4Eznv44qBZAaSvkZWe59-Wd74nQlzCFkQlGK4IT9XbQY7vftPV2M6hS-tljNdyGzNN716fSHPFfap7QPfLJQMH7KOs12vjgZzcRjw2CX973V4wnfm9E7GVR-YcZyGcZiMM6BJFQzDvl0bRKiTmSQtcjfgwKXLWCrWGB15-zsmWKtKz04Fvi9Boja5HRNzcYAEvwESEViY8WIK4WKXgKehm6iP0vcdZkoNgAo2ga89CefS-n80UZ7c7jWnzwUfO-j-7W3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tweak-box.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7012 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP3zVKqxESxVPPTRYRG14ZQwY3qZ_-AOzuzjPxEMCaNbfquQKcuq-Xfq2Gqy55QPeraRHoytJxmc21NCqDviB-K2ImhQejaQyhLQHPaTJudxoIIFqmbFHh3c5EkaVVqTGnsR9LsQ&sai=AMfl-YSowB0TYyJtnauS_t6aZ7gTQ8ylu2XleIWtFFjWgYw_H-9rr3UKE-Ujmg0cNUlaD7MBaS-Z_KvaG6aM&sig=Cg0ArKJSzHQv9HLzzkZOEAE&cid=CAQSGwDUE5ymouOMSKnZw4SnDnF2-yt6hgxoBzAhvhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,767,1000,1034,1250&tos=84,683,233,34,216&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679194163758&rpt=129&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 02:49:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E018 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBRECxRrFQNB-fTr2GMmlxSjkAundjVVDyRDKAO84SZ_QdmCI7A46fNKU5Pma9h6XqM7ARVxWtXr9d8XQ7_Xbslr7CHwuHix8cmYqyhsOm6asghW4OSbKe06YpUJLbDOexMO0WAA&sai=AMfl-YT0PMfiJO7vzSsmdpASXGb_X9tXwbq_3gTrAkU_BVNlUvQQZmcXnoEEe8PpDYnVtPMB49uQYhp7tYXY&sig=Cg0ArKJSzHouU_VZszOEEAE&cid=CAQSGwDUE5ympFrRO711I6YfafWiFYgX9NelDlsE5BgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4264223441&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679194162753&rpt=1425&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 02:49:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tweak-box.com/	1970-01-20 19:12:10	Name: pll_language Value: en
tweak-box.com/	1970-01-20 10:26:37	Name: _gauges_unique_hour Value: 1
tweak-box.com/	1970-01-20 10:28:00	Name: _gauges_unique_day Value: 1
tweak-box.com/	1970-01-20 11:11:12	Name: _gauges_unique_month Value: 1
tweak-box.com/	1970-01-20 19:12:10	Name: _gauges_unique_year Value: 1
tweak-box.com/	1970-01-20 19:12:10	Name: _gauges_unique Value: 1
tweak-box.com/	1970-01-20 19:12:10	Name: wptouch-device-type Value: tablet
tweak-box.com/	1970-01-20 19:12:10	Name: wptouch-device-orientation Value: landscape
.tweak-box.com/	1970-01-20 19:48:10	Name: __gads Value: ID=9ac802200693c865-223221255fdd0007:T=1679194162:RT=1679194162:S=ALNI_MbWUkG6Kb4pVb9qe6zNPeWyrkqKlQ
.tweak-box.com/	1970-01-20 19:48:10	Name: __gpi Value: UID=00000bc824f4f719:T=1679194162:RT=1679194162:S=ALNI_MbR1rLiUNnDOKHfplaZX_-QzETNOg
.doubleclick.net/	1970-01-20 19:48:10	Name: IDE Value: AHWqTUlSFxtgaXhcHV29QmafEJyVXvpMiZldKE_-91XzMDmRBym8x5nb-Opl6v6HbkY
.doubleclick.net/	1970-01-20 10:26:35	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 10:26:37	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
d2fuc4clr7gvcn.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
track.gaug.es
tweak-box.com
www.google.com
www.googletagservices.com
www.gstatic.com
13.224.194.40
174.129.77.71
2606:4700:20::6819:915
2606:4700::6811:180e
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
05f9258bd1f66c63949a3d6bacb99be507e5176e7e6fcc1731cd8d955b0c276b
08638702d8b9298de365c6332ce5c28e2164f051a69d75459f44facc9062b6ee
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1117d4af14736c84ce696b807780ddb3396fdee9617ca9a4eb2e70c33cead5aa
11fcbd228e7d2b1ba69bf1863b629404fc8fc3ca082e24ac9995b7ba5c7bf1cd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b62b584abd0206f819f43b501ed33c99234a6b73e91207a38f7ce5fcbb1501c
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639
206fe229eeecddcadc4e14a70ff25ee2b1f4298c2471e864519dfd5211dea5b5
2a0e5bf3737755c3dff420d02d33cddae12560e84c602859f2d3f7da6a906116
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7
33bc5d25671022d6b8c637a434d9b224413880baccd870ac5d9799b0378ce30d
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3e127309b27e4aff1481f552a631d0992289f1d41b0f3c9cc03756bb34ab77dd
40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f
40d6e5334aafc3d5cbd6f66ff740e926dac417a76c6228ea7de1213198a726cf
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
459386386a93a7e2f17759288436f8ed0c24a62dfb118bd85495c7b1d9c39aea
4a084a79a1f9a77ea92ef29d143d59c0e248077ad129367b2e157a15c7967ae8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c145f5f47b58e72811ff0a2b2bd2f4e63d3a6ade08c96e7271a6ec9f3f17bdb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6007e52306f0498f2c458afaccc845436d4aae4af8c8aa7db55c5f3f7f42007e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67d440d43261c28cbb01bbc31d3190dfc4273bffb38ab69cb0bc1f90e1862c25
68ebf0f65fdbf1e57713f094f426e2f5dbba1a819dfd1959fe4b4e92a2e698aa
81795d045f90914dd0143a6001ad86d3501fe33a5fd53b44e6044f888a0f0d42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8809f39a7b6fa8f457102b6fa5b8ba97af706c45435227d71d27c995c19e25b4
8b96b8172d670abd297fd521edfe9981daec29b4724842a43705869241912f1e
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
ada77a46fa58f248b5a5357304feec5df14492142e83a160075f454728eeba79
b21d3c84a56e96a787129c9b016a36df3ee65aadec3d5c693c5e88eb808e76de
b8c1257ad09fd9757f8cf3ade9d62e9aec5edf8104531066943a755fa41b0dca
bb7aa09b79b66c5bc6ed77d79e9fa2ec0b9506425aeed88e6f0ff11caba20ec1
bbcda3d77e8a7beb6db433e3ac6419500a208e896451bf352ba2c1c43f9aea9b
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
d0467a03317b86251ab70b7da2cd4b1b01a859aa2ff9c7a63581d15463f83822
d173dbbad2b7c05984272c656dd6225b6c8875ef89f30ae593f61156b51b1919
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
e34160e45600d529bf9c54e5918783aa6dc8fd10dd6ede2ac853bd29db5d8f85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e484ff30e57dd8f71b59d5316ed5c841a2072d12dcae42ad190e9a4df1d5dc41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1505bd399ee34ac050e2f590052808fab42db33c7f9ff803af7536fe3206c35
f3d170cc7ec7d8ce2c47e64ab73aca0da7c6dadf2e66f30f07a9c70ec9e2f593
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f66d7cc6eac121652784cd3913397795decbd586dd1e32189357eca6104e60b2
fcbe1c44b6c86a4646595f9943f3e969e041fd9bf7b156db1e736076908c9609

tweak-box.com Open in urlscan Pro 2606:4700:20::6819:915 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

85 %IPv6

12 Domains

15 Subdomains

14 IPs

2 Countries

1082 kBTransfer

2920 kBSize

13 Cookies

8 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tweak-box.com Open in urlscan Pro
2606:4700:20::6819:915 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

85 %
IPv6

12
Domains

15
Subdomains

14
IPs

2
Countries

1082 kB
Transfer

2920 kB
Size

13
Cookies

77 HTTP transactions
12 data transactions