newnew.twitchoverlay.com Open in urlscan Pro
158.106.132.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newnew.twitchoverlay.com/
Submission Tags: phishingrod
Submission: On May 25 via api (May 25th 2023, 10:29:11 am UTC) from DE — Scanned from DE

Summary HTTP 113 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 28 domains to perform 113 HTTP transactions. The main IP is 158.106.132.129, located in United States and belongs to PRIVATESYSTEMS, US. The main domain is newnew.twitchoverlay.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 25th 2023. Valid for: 3 months.

This is the only time newnew.twitchoverlay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	158.106.132.129 158.106.132.129	63410 (PRIVATESY...) (PRIVATESYSTEMS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	18.196.255.22 18.196.255.22	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	54.93.94.146 54.93.94.146	16509 (AMAZON-02) (AMAZON-02)
2 2	54.76.65.236 54.76.65.236	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.132.62.161 18.132.62.161	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.89 108.138.36.89	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.11 108.138.36.11	16509 (AMAZON-02) (AMAZON-02)
2	35.176.156.184 35.176.156.184	16509 (AMAZON-02) (AMAZON-02)
113	32

32 158.106.132.129 (United States)

ASN63410 (PRIVATESYSTEMS, US)
PTR: host.twitchoverlay.com

newnew.twitchoverlay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.255.22 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-255-22.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.93.94.146 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-94-146.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.65.236 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-65-236.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.62.161 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-89.muc50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-11.muc50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.156.184 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-156-184.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	twitchoverlay.com newnew.twitchoverlay.com	581 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 32812 ad4m.at — Cisco Umbrella Rank: 10585 assets.ad4m.at — Cisco Umbrella Rank: 43177	549 KB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	27 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	214 KB
7	imgur.com i.imgur.com — Cisco Umbrella Rank: 6148	611 B
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6080 adservice.google.de — Cisco Umbrella Rank: 9037	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 21135 api.webgains.io — Cisco Umbrella Rank: 56810	32 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	187 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 16768	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 562	1 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 34563	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 752	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 812 r.turn.com — Cisco Umbrella Rank: 3335	869 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 141178 static-de.ad4mat.net — Cisco Umbrella Rank: 183763	4 KB
2	gstatic.com fonts.gstatic.com	50 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 59947	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 44502	2 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 575	363 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6168	593 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	265 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	54 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	607 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	7 KB
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1352
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
113	28

	Domain	Requested by
32	newnew.twitchoverlay.com	newnew.twitchoverlay.com
8	pagead2.googlesyndication.com	newnew.twitchoverlay.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	i.imgur.com	newnew.twitchoverlay.com
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net newnew.twitchoverlay.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	www.google.com	newnew.twitchoverlay.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	x.bidswitch.net	3 redirects
3	www.google.de	newnew.twitchoverlay.com
3	www.googletagmanager.com	newnew.twitchoverlay.com www.googletagmanager.com
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	as.ad4m.at
2	c1.adform.net	2 redirects
2	r.scoota.co	2 redirects
2	pm.w55c.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	dis.criteo.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	r.turn.com	newnew.twitchoverlay.com
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	newnew.twitchoverlay.com
1	kit.fontawesome.com	newnew.twitchoverlay.com
1	fonts.googleapis.com	newnew.twitchoverlay.com
113	39

This site contains links to these domains. Also see Links.

Domain
twitter.com
instagram.com
www.facebook.com
twitchoverlay.com
www.twitch.tv
twitch.tv

Subject Issuer	Validity	Valid
newnew.twitchoverlay.com cPanel, Inc. Certification Authority	`2023-05-25` - `2023-08-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 10 frames:

Primary Page: https://newnew.twitchoverlay.com/
Frame ID: 11BB4495E8E757DBC8C23400BD799E01
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230522/r20190131/zrt_lookup.html
Frame ID: 226DACCF41CCCDC78BEE9CDE7CC3376E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723338371508128&output=html&adk=1812271804&adf=3025194257&lmt=1685010546&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685010546079&bpp=2&bdt=429&idt=191&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=29872564532&frm=20&pv=2&ga_vid=672164064.1685010546&ga_sid=1685010546&ga_hid=935691488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44792645&oid=2&pvsid=920133617030352&tmod=936148123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: 8C1E732B794A5CFC7B789AF5F186E345
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723338371508128&output=html&h=90&slotname=2134729093&adk=2932901231&adf=787635767&pi=t.ma~as.2134729093&w=728&lmt=1685010546&format=728x90&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685010546081&bpp=1&bdt=432&idt=217&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=29872564532&frm=20&pv=1&ga_vid=672164064.1685010546&ga_sid=1685010546&ga_hid=935691488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44792645&oid=2&pvsid=920133617030352&tmod=936148123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zsupv2RHuU&p=https%3A//newnew.twitchoverlay.com&dtd=222
Frame ID: F922D35D52B46AFDE278C8CF8346C58D
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jdbybxc190t5fhdp1qxjdrt2cp9h7h9gvkxbe1qnmq7z8v41pvz10c7w1g9ams8t9gsfjrt54d6jjffbx5pdppkrxw4f2ftce859ccj50qhhpszvgy6ftckzd031fx3v9n0gabawa9h4vc2mbtfzj7stvec2fh280tbtqkcrwx6dgy32n6ewezkqgxr6z13b9w0wgr07e1e7s10qb5h7e6tjx4dmsjg80xte9nqt8vp77fa8zp42eyhyzdjahrk7rhc1bspa28xcyyrwah3r21gdarg305wthnr8xghtx0gs1cmvzhbwfx5351k4dzh2t1kxdbh51jf326mn9qxyn1bx8pqtqxk3fp3mbqvk440f4fdn3x8wp9m7st78kj8841ksy8ewkrhg6k6p9j4pgvkyf6vahr4jxjrc2q08y5pqp97ha5pwrj8g1a4xmbdhxcn0c9a64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%26client%3Dca-pub-1723338371508128%26adurl%3D
Frame ID: F77EEE3E8C38ED1233574DF2DE04D389
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C161E06D38343CCF0CD2E976B9E8F1DD
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8D6CCFEFE6317A4ED142F2460DDAE0C2
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Frame ID: 32AE2E519B529A6E646D0C6C28A435C9
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 474B382FF306959EBD1BFD842B2F9CC8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61EC3304B0D4894EF797C2C321F89733
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Twitch Overlay – Just another WordPress site

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

113
Requests

96 %
HTTPS

56 %
IPv6

28
Domains

39
Subdomains

32
IPs

8
Countries

1748 kB
Transfer

2888 kB
Size

24
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/TwitchOverlay

Search URL Search Domain Scan URL

URL: https://instagram.com/TwitchOverlay

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TwitchOverlaySocial/

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/rusted-titan-fire-stream-package/
Title: Your browser does not support video playback Fire Stream Overlay Package

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/carbon-dark-stream-package/
Title: Your browser does not support video playback Carbon Twitch Overlay Package

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/family/razor/
Title: Your browser does not support video playback A stream overlay in your color

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/category/premium-downloads/twitch-overlays/
Title: Twitch Overlays

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/category/free-downloads/free-twitch-alerts/
Title: Twitch Alerts

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/category/premium-downloads/stream-packages/
Title: Stream Packages

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/category/premium-downloads/webcam-overlays/
Title: Webcam Overlays

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/category/premium-downloads/twitch-banners-avatars/
Title: Banners & Avatars

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/category/free-downloads/
Title: Free Stuff

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/awicb

Search URL Search Domain Scan URL

URL: https://twitch.tv/stupidloserboys

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/stupidloserboys
Title: twitch.tv/StupidLoserBoys

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/ramautso

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/gothicon-full-stream-package/
Title: GOTHIC

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/skull-house-horror-stream-overlay/
Title: HORROR/GRUNGE

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/type-ultra-punk-stream-package/
Title: PUNK

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/bold-bright-blue-stream-overlay/
Title: BRIGHT & FUN

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/downloads/category/premium-downloads/
Title: See all our Premium Downloads

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/blog/guide/
Title: guides section.

Search URL Search Domain Scan URL

URL: https://twitchoverlay.com/contact/
Title: get in contact

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENydiUn4XXGxydCpvie5adE&google_cver=1&google_push=ATf1kGPNQkXRuowOxj8Gt8uJ8Z4HvogTQj_6KPnag8XLOQKMA_SQTW2ZPD4ywmB575aIvk-jhZK_o2MLxDq-19zA92lcSke-zMx3ELYcvZkuPFZVVB39KRKizDeXI_ryfFaSWoP4IXQpP0DAPV8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE1NDkyMjIxMDUxODUxNjk0NA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEx2KeCSoEVFj3GSIhNURZk&google_cver=1

Request Chain 81

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBycJKo2Iz1JBbK_2ccyHxY&google_cver=1&google_push=ATf1kGNIsZFnq6yL2Kz9AN4qIopC_RglCw_RM8FOOTbAtwKm8B2Pgv-hl2Z90bwtBrmxRMlUCFlXEfA5VoXg5iDIdH50VRCS-m1abhOAIaGsq-1fjv9S_xjNdMceHIeeBDRmbE03RaX2AhV728A HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBycJKo2Iz1JBbK_2ccyHxY&google_cver=1&google_push=ATf1kGNIsZFnq6yL2Kz9AN4qIopC_RglCw_RM8FOOTbAtwKm8B2Pgv-hl2Z90bwtBrmxRMlUCFlXEfA5VoXg5iDIdH50VRCS-m1abhOAIaGsq-1fjv9S_xjNdMceHIeeBDRmbE03RaX2AhV728A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUh3UEM2aWQxUTI4ZHM1&google_gid=CAESEBycJKo2Iz1JBbK_2ccyHxY&google_cver=1&google_push=ATf1kGNIsZFnq6yL2Kz9AN4qIopC_RglCw_RM8FOOTbAtwKm8B2Pgv-hl2Z90bwtBrmxRMlUCFlXEfA5VoXg5iDIdH50VRCS-m1abhOAIaGsq-1fjv9S_xjNdMceHIeeBDRmbE03RaX2AhV728A

Request Chain 83

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPa-WGKfIxGnAZJjnG5Zz_E&google_cver=1&google_push=ATf1kGOz5XAGSZbOHqNuNhR4Jgu6r2XpZZsmJSQi6WUUuYSV0IY6cUhzDKL93PLGtuF1ek5OyX_FbZj1aPlV4-xOrU9c_Gz4UsHjtImhpYUGPRjGd-rs4VXGxDR0XAV5JeCqNRWDBhSgQCqN0Zs HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yDIjbf7yTiKcQu9khVOW_Q2&google_push=ATf1kGOz5XAGSZbOHqNuNhR4Jgu6r2XpZZsmJSQi6WUUuYSV0IY6cUhzDKL93PLGtuF1ek5OyX_FbZj1aPlV4-xOrU9c_Gz4UsHjtImhpYUGPRjGd-rs4VXGxDR0XAV5JeCqNRWDBhSgQCqN0Zs

Request Chain 84

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFKC3-bur4HSKBYu_aKIT8g&google_cver=1&google_push=ATf1kGPPnDjrByUnY3JPqOtuTz3VyUQ9wFtYqyhPNCO2dGWy0g5pSXSpLaIrAt74DcpyWOo0na88hqN3lEx_zJ0p-an2oT5zRXzDW0ktxH4DkSWgGugYxjDbROtaJTedDNdXe07BAP_rIkZSKw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFKC3-bur4HSKBYu_aKIT8g&google_cver=1&google_push=ATf1kGPPnDjrByUnY3JPqOtuTz3VyUQ9wFtYqyhPNCO2dGWy0g5pSXSpLaIrAt74DcpyWOo0na88hqN3lEx_zJ0p-an2oT5zRXzDW0ktxH4DkSWgGugYxjDbROtaJTedDNdXe07BAP_rIkZSKw HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=c541a988-73c2-499b-ac61-e790efb4aaac&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPPnDjrByUnY3JPqOtuTz3VyUQ9wFtYqyhPNCO2dGWy0g5pSXSpLaIrAt74DcpyWOo0na88hqN3lEx_zJ0p-an2oT5zRXzDW0ktxH4DkSWgGugYxjDbROtaJTedDNdXe07BAP_rIkZSKw&google_hm=ahpXjsPDR0-n3z39bhYkng==

Request Chain 86

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHqifhUaJsktgzANQzShG7E&google_cver=1&google_push=ATf1kGNhki-aTfoFp7Bfkh7PCBHZU_Z1cRZubTydVXuP5ZQsuebuNwLxhXLIUIuCT7g5JJsEoL-S-rFUpfS4oKJZ7RcVkcC0KO6jUCo7dCP_e3Zwwcsyiv5Ej9kSDNzsibUD-6GhBe6oRanHBTM HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHqifhUaJsktgzANQzShG7E&google_cver=1&google_push=ATf1kGNhki-aTfoFp7Bfkh7PCBHZU_Z1cRZubTydVXuP5ZQsuebuNwLxhXLIUIuCT7g5JJsEoL-S-rFUpfS4oKJZ7RcVkcC0KO6jUCo7dCP_e3Zwwcsyiv5Ej9kSDNzsibUD-6GhBe6oRanHBTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1OTQ4MDIyNzcyNjY0NTgy&google_push=ATf1kGNhki-aTfoFp7Bfkh7PCBHZU_Z1cRZubTydVXuP5ZQsuebuNwLxhXLIUIuCT7g5JJsEoL-S-rFUpfS4oKJZ7RcVkcC0KO6jUCo7dCP_e3Zwwcsyiv5Ej9kSDNzsibUD-6GhBe6oRanHBTM

113 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newnew.twitchoverlay.com/ 49 KB
49 KB 1775ms
1230ms Document
text/html 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 62af93d4ccc387c5c651fc84534213e4f18424941c2458139edd11c309d29d7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Thu, 25 May 2023 10:29:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://newnew.twitchoverlay.com/wp-json/>; rel="https://api.w.org/", <https://newnew.twitchoverlay.com/wp-json/wp/v2/pages/678572>; rel="alternate"; type="application/json", <https://newnew.twitchoverlay.com/>; rel=shortlink
pragma: no-cache
server: Apache

GET
H2 200 classic-themes.min.css
newnew.twitchoverlay.com/wp-includes/css/ 291 B
343 B 106ms
104ms Stylesheet
text/css 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Wed, 29 Mar 2023 19:33:24 GMT
server: Apache
accept-ranges: bytes
content-length: 291
content-type: text/css

GET
H2 200 edd.min.css
newnew.twitchoverlay.com/wp-content/plugins/easy-digital-downloads/templates/ 19 KB
19 KB 209ms
207ms Stylesheet
text/css 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/plugins/easy-digital-downloads/templates/edd.min.css?ver=2.10.6
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: ab50f8066522a61b5d0a09db2469e41ae60f7461936f8e32283cc8f8bfd93ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Fri, 23 Jul 2021 15:59:31 GMT
server: Apache
accept-ranges: bytes
content-length: 19850
content-type: text/css

GET
H2 200 forms.min.css
newnew.twitchoverlay.com/wp-content/plugins/affiliate-wp/assets/css/ 4 KB
4 KB 209ms
207ms Stylesheet
text/css 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/plugins/affiliate-wp/assets/css/forms.min.css?ver=2.7.3
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: df4a80a049be50c92da1f19e31d7292a3b19c8a6ed9b5c5c34d432bedeb089d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Fri, 23 Jul 2021 16:29:24 GMT
server: Apache
accept-ranges: bytes
content-length: 4402
content-type: text/css

GET
H2 200 style.min.css
newnew.twitchoverlay.com/wp-content/plugins/edd-free-downloads/assets/css/ 2 KB
2 KB 108ms
106ms Stylesheet
text/css 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/plugins/edd-free-downloads/assets/css/style.min.css?ver=2.3.10
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 24ef39cf7f17ee8fa232e3c50c5f93f7c695b046ef58ad45c32c01c5085b8ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Fri, 23 Jul 2021 16:33:04 GMT
server: Apache
accept-ranges: bytes
content-length: 2101
content-type: text/css

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik%3Aital%2Cwght%400%2C300%3B0%2C700%3B1%2C300&display=swap&ver=all

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fdd92153c81091cc1cd64a9b516b1861118fa49b634c6da6341643a900a0b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 May 2023 10:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 May 2023 10:29:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 May 2023 10:29:05 GMT

GET
H2 200 jquery.min.js Show response
newnew.twitchoverlay.com/wp-includes/js/jquery/ 88 KB
88 KB 209ms
208ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Wed, 29 Mar 2023 19:33:24 GMT
server: Apache
accept-ranges: bytes
content-length: 89815
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
newnew.twitchoverlay.com/wp-includes/js/jquery/ 13 KB
13 KB 209ms
208ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Wed, 29 Mar 2023 19:33:24 GMT
server: Apache
accept-ranges: bytes
content-length: 13424
content-type: application/javascript

GET
H2 200 cart-recovery-for-wordpress.min.js Show response
newnew.twitchoverlay.com/wp-content/plugins/cart-recovery/js/ 371 B
441 B 105ms
104ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/plugins/cart-recovery/js/cart-recovery-for-wordpress.min.js?ver=6.2.2
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 97fb2b3ac6c6b811b80abba7b4b1b50b915d2e4add37cfa464f1bff6a47cc5fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Fri, 23 Jul 2021 15:57:50 GMT
server: Apache
accept-ranges: bytes
content-length: 371
content-type: application/javascript

GET
H2 200 jquery.cookie.min.js Show response
newnew.twitchoverlay.com/wp-content/plugins/affiliate-wp/assets/js/ 2 KB
2 KB 305ms
304ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/plugins/affiliate-wp/assets/js/jquery.cookie.min.js?ver=1.4.0
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 9f73fc38fe1e69919d8113cf47d74c7696b46e913b512709c7b7cfee799b0a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Fri, 23 Jul 2021 16:29:34 GMT
server: Apache
accept-ranges: bytes
content-length: 1667
content-type: application/javascript

GET
H2 200 tracking.min.js Show response
newnew.twitchoverlay.com/wp-content/plugins/affiliate-wp/assets/js/ 4 KB
4 KB 306ms
305ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/plugins/affiliate-wp/assets/js/tracking.min.js?ver=2.7.3
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 9c7bb881d50daf10495cb74da00bd5530559e1d819b85a29db561f3e93762f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Fri, 23 Jul 2021 16:29:37 GMT
server: Apache
accept-ranges: bytes
content-length: 4182
content-type: application/javascript

GET
H2 403 925f9fe406.js
kit.fontawesome.com/ 0
0 48ms
20ms Script
text/plain 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/925f9fe406.js?ver=6.2.2

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
strict-transport-security: max-age=31536000; preload
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding
cf-ray: 7ccd18687ff58fdc-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 9
x-request-id: F2JcKf0-2ef2pDmlOnLD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 45ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-54516390-1&ver=6.2.2

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

311d6fb63129ca86b8cb78c6ae5fd7a95bbf39f3bb4c2960a950999dcda873c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47662
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 May 2023 10:29:05 GMT

GET
H2 200 style.min.css
newnew.twitchoverlay.com/wp-content/themes/to2019v5/ 8 KB
8 KB 104ms
103ms Stylesheet
text/css 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/style.min.css
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 8e04215633c69b2d430a88a1c84cee90579bab8d94bf4f81850f890cdd065437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Fri, 23 Jul 2021 14:43:32 GMT
server: Apache
accept-ranges: bytes
content-length: 8024
content-type: text/css

GET
H2 200 full-min.css
newnew.twitchoverlay.com/wp-content/themes/to2019v5/layouts/ 28 KB
28 KB 108ms
107ms Stylesheet
text/css 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/layouts/full-min.css
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 4b166867aec3d083fe83aed1f51bc6a087ac4cda3b285b289192bb724e1522d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Fri, 23 Jul 2021 15:54:46 GMT
server: Apache
accept-ranges: bytes
content-length: 28966
content-type: text/css

GET
H2 200 side-menu.min.css
newnew.twitchoverlay.com/wp-content/themes/to2019v5/layouts/ 31 KB
31 KB 108ms
107ms Stylesheet
text/css 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/layouts/side-menu.min.css
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: e7538c5d05fe0efd703b2ecf1120df38fc85dc714b287e19aaf5f4ddcc4db518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
last-modified: Fri, 23 Jul 2021 15:54:52 GMT
server: Apache
accept-ranges: bytes
content-length: 31675
content-type: text/css

GET
H2 200 twitch-overlay.png
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/ 2 KB
2 KB 666ms
202ms Image
image/png 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/twitch-overlay.png
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: b8d41ed72c906e81527a0470beb762139c4c89a7fb40199eb4ac04c72781f076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 15:54:27 GMT
server: Apache
accept-ranges: bytes
content-length: 1785
content-type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 91ms
68ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1723338371508128

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8121934353dc5f61657052349bc811fadca2bb617e15add87b8bbef180e49b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnew.twitchoverlay.com/
Origin: https://newnew.twitchoverlay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47286
x-xss-protection: 0
server: cafe
etag: 16706725978463457176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 May 2023 10:29:06 GMT

GET
H2 429 p0qxXC7.gif
i.imgur.com/ 0
61 B 32ms
6ms Image
text/plain 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/p0qxXC7.gif

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 25 May 2023 10:29:05 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1685010546.989575,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-etou8220043-FRA

GET
H2 200 tile-overlay.gif
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/ 6 KB
6 KB 970ms
506ms Image
image/gif 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/tile-overlay.gif
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: f527300de3e833fb72f6bd9c89ef52aa5a3994202cdab5564e87fe287583346c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:27:40 GMT
server: Apache
accept-ranges: bytes
content-length: 6184
content-type: image/gif

GET
H2 200 tile-alert.gif
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/ 21 KB
21 KB 873ms
408ms Image
image/gif 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/tile-alert.gif
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 859211825eea6f575a6ebc89a281bbceedfba6d3962b0194dc5a69e9970aa044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:27:39 GMT
server: Apache
accept-ranges: bytes
content-length: 21440
content-type: image/gif

GET
H2 200 tile-package.gif
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/ 35 KB
35 KB 867ms
403ms Image
image/gif 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/tile-package.gif
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: e1e30b95e4abc86d05192687eb1ade27e3449be900b3f7a2c478280a01e8e83d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:27:40 GMT
server: Apache
accept-ranges: bytes
content-length: 35835
content-type: image/gif

GET
H2 200 tile-webcam.gif
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/ 25 KB
25 KB 970ms
505ms Image
image/gif 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/tile-webcam.gif
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 4ce0d86883f09d8c7c6e75bfb665b429cdd69a292697cb305e49cda3186d7a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:27:40 GMT
server: Apache
accept-ranges: bytes
content-length: 25825
content-type: image/gif

GET
H2 200 tile-pbav.gif
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/ 24 KB
24 KB 969ms
505ms Image
image/gif 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/tile-pbav.gif
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: c9ba420ff101ef5217ef91ab252b359719fbb28679e2bed54814401840c4649b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:27:40 GMT
server: Apache
accept-ranges: bytes
content-length: 24882
content-type: image/gif

GET
H2 200 tile-free.gif
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/ 19 KB
19 KB 970ms
506ms Image
image/gif 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/tiles_noir/tile-free.gif
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 1da401a8c44a9207094091fe3eb9e17b6b51eb88bc0b992065398e1b760aaa1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:27:39 GMT
server: Apache
accept-ranges: bytes
content-length: 19603
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
newnew.twitchoverlay.com/wp-includes/js/ 18 KB
18 KB 975ms
511ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Wed, 29 Mar 2023 19:33:24 GMT
server: Apache
accept-ranges: bytes
content-length: 18692
content-type: application/javascript

GET
H2 429 GeV9BVz.gif
i.imgur.com/ 0
250 B 31ms
6ms Image
text/plain 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/GeV9BVz.gif

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 25 May 2023 10:29:05 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1685010546.989674,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-etou8220043-FRA

GET
H2 200 ss-1.jpg
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/ 8 KB
8 KB 969ms
506ms Image
image/jpeg 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/ss-1.jpg
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 1c91dbf6c82212583facef0f70a6d4c47c0603c039e2287cdc28c4cdf08db1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 15:54:23 GMT
server: Apache
accept-ranges: bytes
content-length: 8118
content-type: image/jpeg

GET
H2 200 ss-2.jpg
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/ 26 KB
26 KB 873ms
409ms Image
image/jpeg 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/ss-2.jpg
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: e069f6e3ccaffd9be910613392e83b45b7d28a0c707707886755c1f9cd38cb10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 15:54:23 GMT
server: Apache
accept-ranges: bytes
content-length: 26297
content-type: image/jpeg

GET
H2 200 ss-3.jpg
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/ 45 KB
45 KB 873ms
409ms Image
image/jpeg 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/ss-3.jpg
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 09e95d051f1244347b5c2082d233ed7df7ffc6bb83bc24f10fd25a3b39727bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 15:54:23 GMT
server: Apache
accept-ranges: bytes
content-length: 45869
content-type: image/jpeg

GET
H2 200 lou.gif
newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/ 6 KB
6 KB 969ms
505ms Image
image/gif 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/img/lou.gif
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: ec71216be58a3b578d0a4dc33f8c0511311e83d8a59b16401b4837adaac1761e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 15:54:18 GMT
server: Apache
accept-ranges: bytes
content-length: 5643
content-type: image/gif

GET
H2 200 edd-ajax.min.js Show response
newnew.twitchoverlay.com/wp-content/plugins/easy-digital-downloads/assets/js/ 11 KB
11 KB 670ms
201ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/plugins/easy-digital-downloads/assets/js/edd-ajax.min.js?ver=2.10.6
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 8eb1a4366edf07ee523b40b62093b2b485a307f308b65af62f3802838173ca27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:31:54 GMT
server: Apache
accept-ranges: bytes
content-length: 10948
content-type: application/javascript

GET
H2 200 isMobile.min.js Show response
newnew.twitchoverlay.com/wp-content/plugins/edd-free-downloads/assets/js/ 1 KB
1 KB 668ms
201ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/plugins/edd-free-downloads/assets/js/isMobile.min.js
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 6fb48fb14effad0669f76a000a143d22e573dfa4135844fc8b20faac9869c359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:33:07 GMT
server: Apache
accept-ranges: bytes
content-length: 1346
content-type: application/javascript

GET
H2 200 edd-free-downloads.min.js Show response
newnew.twitchoverlay.com/wp-content/plugins/edd-free-downloads/assets/js/ 12 KB
13 KB 666ms
201ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/plugins/edd-free-downloads/assets/js/edd-free-downloads.min.js?ver=2.3.10
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 40d2dfa80fa7e4f556716c48267ced327c7282f4fd1c064d08ca192afa916ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:33:07 GMT
server: Apache
accept-ranges: bytes
content-length: 12791
content-type: application/javascript

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/ 19 KB
7 KB 38ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js?ver=1.0.0

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 229429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6098
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4a59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbNBkLetaFH98TrBQ2jMwBOIZhCDIKvCxQdvnNd3xdHX8L1gKx5Kqzw8JPJW2DTZqRfT7ZMY%2B0R6L6aTJycjFUJ56X6QqUbzcGf3qy9zfJw20jT3smG894qdllB%2BgTvfr46cm3CHYuwOcQwUUavG9ljf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ccd18686db41bcf-FRA
expires: Tue, 14 May 2024 10:29:05 GMT

GET
H2 200 bootstrap.min.js Show response
newnew.twitchoverlay.com/wp-content/themes/to2019v5/js/ 61 KB
61 KB 665ms
201ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/js/bootstrap.min.js?ver=1.0.0
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 15:54:37 GMT
server: Apache
accept-ranges: bytes
content-length: 62411
content-type: application/javascript

GET
H2 200 boots.js Show response
newnew.twitchoverlay.com/wp-content/themes/to2019v5/js/ 153 B
183 B 969ms
506ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/js/boots.js?ver=1.0.0
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: e4f14fc410f5257b93a43604fbd9fa9c9c8e25d57e9b778330bc85045a1e2b1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 15:54:34 GMT
server: Apache
accept-ranges: bytes
content-length: 153
content-type: application/javascript

GET
H2 200 all.js Show response
newnew.twitchoverlay.com/wp-content/themes/to2019v5/js/ 746 B
799 B 664ms
201ms Script
application/javascript 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/js/all.js?ver=1.0.0
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: 91474b91498e72e7e52c3f16d594370ca8f5ac0609709b6d2cbdc6b740e122ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 15:54:34 GMT
server: Apache
accept-ranges: bytes
content-length: 746
content-type: application/javascript

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d61d906f-d2be-4beb-8515-09964479f96a.woff2
newnew.twitchoverlay.com/wp-content/themes/to2019v5/Fonts/5336570/ 9 KB
9 KB 855ms
402ms Font
font/woff2 158.106.132.129
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/Fonts/5336570/d61d906f-d2be-4beb-8515-09964479f96a.woff2
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/layouts/side-menu.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.106.132.129 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.twitchoverlay.com
Software: Apache /
Resource Hash: b84459cf8cf305ab78d87f9dfe8119879dc20264ddcbb14ab0d93b3e6a2c41e0

Request headers

Referer: https://newnew.twitchoverlay.com/wp-content/themes/to2019v5/layouts/side-menu.min.css
Origin: https://newnew.twitchoverlay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Fri, 23 Jul 2021 16:27:30 GMT
server: Apache
accept-ranges: bytes
content-length: 9484
content-type: font/woff2

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v26/ 33 KB
34 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik%3Aital%2Cwght%400%2C300%3B0%2C700%3B1%2C300&display=swap&ver=all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newnew.twitchoverlay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 10:33:58 GMT
x-content-type-options: nosniff
age: 172507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33868
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:37:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 10:33:58 GMT

GET
H2 200 iJWbBXyIfDnIV7nEt3KSJbVDV49rz8sDE3U3f4I.woff2
fonts.gstatic.com/s/rubik/v26/ 17 KB
17 KB 30ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v26/iJWbBXyIfDnIV7nEt3KSJbVDV49rz8sDE3U3f4I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik%3Aital%2Cwght%400%2C300%3B0%2C700%3B1%2C300&display=swap&ver=all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f756c440f514d9085faf7adab14bbaaa8e13cf31051f822125c85e9fe128ecbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newnew.twitchoverlay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:30:33 GMT
x-content-type-options: nosniff
age: 385112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17164
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:38:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 23:30:33 GMT

GET
H2 429 ba6Flyh.mp4
i.imgur.com/ 0
60 B 6ms
6ms Media
text/plain 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://i.imgur.com/ba6Flyh.mp4

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://newnew.twitchoverlay.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

x-cache-hits: 0
date: Thu, 25 May 2023 10:29:05 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1685010546.997595,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-etou8220043-FRA

GET
H2 429 BU3fCc9.mp4
i.imgur.com/ 0
60 B 6ms
6ms Media
text/plain 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://i.imgur.com/BU3fCc9.mp4

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://newnew.twitchoverlay.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

x-cache-hits: 0
date: Thu, 25 May 2023 10:29:05 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1685010546.997984,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-etou8220043-FRA

GET
H2 429 7qYQFqh.mp4
i.imgur.com/ 0
60 B 6ms
6ms Media
text/plain 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://i.imgur.com/7qYQFqh.mp4

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://newnew.twitchoverlay.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

x-cache-hits: 0
date: Thu, 25 May 2023 10:29:05 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1685010546.998295,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-etou8220043-FRA

GET
H2 429 t3aKwpp.mp4
i.imgur.com/ 0
60 B 6ms
6ms Media
text/plain 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://i.imgur.com/t3aKwpp.mp4

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://newnew.twitchoverlay.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

x-cache-hits: 0
date: Thu, 25 May 2023 10:29:05 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1685010546.998690,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-etou8220043-FRA

GET
H2 429 IR4FzOf.mp4
i.imgur.com/ 0
60 B 6ms
6ms Media
text/plain 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://i.imgur.com/IR4FzOf.mp4

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://newnew.twitchoverlay.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

x-cache-hits: 0
date: Thu, 25 May 2023 10:29:05 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1685010546.999098,VS0,VE0
x-cache: MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra-etou8220043-FRA

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
87 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-72VEGFMT0W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54516390-1&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bde4009d7f40b42d3f24950292f2fc42245ee9e0db8f0c949e02197871e58b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 May 2023 10:29:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54516390-1&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 May 2023 09:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5052
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 25 May 2023 11:04:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-918178871&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54516390-1&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09c61226914a1655e5be3978b8e83f785bd4cb38259a77bb95e11dc8549ec68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53683
x-xss-protection: 0
last-modified: Thu, 25 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 May 2023 10:29:06 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 354 KB
120 KB 101ms
86ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1723338371508128&plah=newnew.twitchoverlay.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1723338371508128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84c53b7776964f8b11ff4a5ca8b6cb7be232cbd2027e09224da751756a64e23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122569
x-xss-protection: 0
server: cafe
etag: 650251465356394468
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 May 2023 10:29:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230522/r20190131/ Frame 226D 10 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230522/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1723338371508128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnew.twitchoverlay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 19:18:32 GMT
etag: 15057649708203361565
expires: Wed, 07 Jun 2023 19:18:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=935691488&t=pageview&_s=1&dl=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&ul=en-us&de=UTF-8&dt=Twitch%20Overlay%20%E2%80%93%20Just%20another%20WordPress%20site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=495151771&gjid=259792458&cid=672164064.1685010546&tid=UA-54516390-1&_gid=1875826908.1685010546&_r=1&gtm=457e35m0&jsscut=1&z=1627686957

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newnew.twitchoverlay.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newnew.twitchoverlay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/918178871/ 3 KB
2 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/918178871/?random=1685010546123&cv=11&fst=1685010546123&bg=ffffff&guid=ON&async=1&gtm=45be35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&hn=www.googleadservices.com&frm=0&tiba=Twitch%20Overlay%20%E2%80%93%20Just%20another%20WordPress%20site&auid=8981884.1685010546&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-918178871&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6a0705dad76bb538041fea955a0008fe1f31c5d0ba8ff7ac975880ccf425329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 37ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-72VEGFMT0W&gtm=45je35m0&_p=935691488&cid=672164064.1685010546&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685010546&sct=1&seg=0&dl=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&dt=Twitch%20Overlay%20%E2%80%93%20Just%20another%20WordPress%20site&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72VEGFMT0W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newnew.twitchoverlay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/918178871/ 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/918178871/?random=1685010546153&cv=11&fst=1685010546153&bg=ffffff&guid=ON&async=1&gtm=45je35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&hn=www.googleadservices.com&frm=0&tiba=Twitch%20Overlay%20%E2%80%93%20Just%20another%20WordPress%20site&auid=8981884.1685010546&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-72VEGFMT0W&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

284628c43276ea2c6d61e24966fedca363ee911107fadeb21e069a8954f4edbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 89ms
30ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-54516390-1&cid=672164064.1685010546&jid=495151771&gjid=259792458&_gid=1875826908.1685010546&_u=YEBAAUAAAAAAACAAI~&z=1538250898

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newnew.twitchoverlay.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 25 May 2023 10:29:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newnew.twitchoverlay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/918178871/ 42 B
455 B 43ms
21ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/918178871/?random=1685010546123&cv=11&fst=1685008800000&bg=ffffff&guid=ON&async=1&gtm=45be35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&frm=0&tiba=Twitch%20Overlay%20%E2%80%93%20Just%20another%20WordPress%20site&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1578124215&rmt_tld=0&ipr=y

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/918178871/ 42 B
455 B 41ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/918178871/?random=1685010546123&cv=11&fst=1685008800000&bg=ffffff&guid=ON&async=1&gtm=45be35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&frm=0&tiba=Twitch%20Overlay%20%E2%80%93%20Just%20another%20WordPress%20site&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1578124215&rmt_tld=1&ipr=y

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/918178871/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/918178871/?random=1685010546153&cv=11&fst=1685008800000&bg=ffffff&guid=ON&async=1&gtm=45je35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&frm=0&tiba=Twitch%20Overlay%20%E2%80%93%20Just%20another%20WordPress%20site&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=600400242&rmt_tld=0&ipr=y

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/918178871/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/918178871/?random=1685010546153&cv=11&fst=1685008800000&bg=ffffff&guid=ON&async=1&gtm=45je35m0&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&frm=0&tiba=Twitch%20Overlay%20%E2%80%93%20Just%20another%20WordPress%20site&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=600400242&rmt_tld=1&ipr=y

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 47ms
45ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-54516390-1&cid=672164064.1685010546&jid=495151771&_u=YEBAAUAAAAAAACAAI~&z=1649163884

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
45ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-54516390-1&cid=672164064.1685010546&jid=495151771&_u=YEBAAUAAAAAAACAAI~&z=1649163884

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
607 B 36ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=newnew.twitchoverlay.com&callback=_gfp_s_&client=ca-pub-1723338371508128

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1723338371508128&plah=newnew.twitchoverlay.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db4f1e4a3807527150a46a074450392d7f3f11c1a3fe5a5786f0df840babbc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 38ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newnew.twitchoverlay.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 44ms
20ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newnew.twitchoverlay.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C1E 10 KB
4 KB 493ms
492ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723338371508128&output=html&adk=1812271804&adf=3025194257&lmt=1685010546&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685010546079&bpp=2&bdt=429&idt=191&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=29872564532&frm=20&pv=2&ga_vid=672164064.1685010546&ga_sid=1685010546&ga_hid=935691488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44792645&oid=2&pvsid=920133617030352&tmod=936148123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

678460402c1b502936b7bc2fe0cc4d964e2c3c4f5e163ef36e3a3fc354d614c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnew.twitchoverlay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4526
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 10:29:06 GMT
expires: Thu, 25 May 2023 10:29:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F922 31 KB
13 KB 171ms
168ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723338371508128&output=html&h=90&slotname=2134729093&adk=2932901231&adf=787635767&pi=t.ma~as.2134729093&w=728&lmt=1685010546&format=728x90&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685010546081&bpp=1&bdt=432&idt=217&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=29872564532&frm=20&pv=1&ga_vid=672164064.1685010546&ga_sid=1685010546&ga_hid=935691488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44792645&oid=2&pvsid=920133617030352&tmod=936148123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zsupv2RHuU&p=https%3A//newnew.twitchoverlay.com&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b92a2ad083d1e1c7494f87d86339a25ec8f1df52a87984ddf8db1b98cfe366b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnew.twitchoverlay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13606
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 10:29:06 GMT
expires: Thu, 25 May 2023 10:29:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/ Frame F922 3 KB
1 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723338371508128&output=html&h=90&slotname=2134729093&adk=2932901231&adf=787635767&pi=t.ma~as.2134729093&w=728&lmt=1685010546&format=728x90&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685010546081&bpp=1&bdt=432&idt=217&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=29872564532&frm=20&pv=1&ga_vid=672164064.1685010546&ga_sid=1685010546&ga_hid=935691488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44792645&oid=2&pvsid=920133617030352&tmod=936148123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zsupv2RHuU&p=https%3A//newnew.twitchoverlay.com&dtd=222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 10:00:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/ Frame F922 19 KB
8 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230522/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6797c077654da137fb8c518484a1b2e6fa32c76eb6427d620851693463ac89d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 17:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60027
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 4146798238180205368
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:48:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F922 0
0 14ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRu7pXo6YTMWZ7Henv-KOL-aGaxH-TjpKBDm7aKxun4jyd70PV6Be_cCJTbMCSbuHq85LgX7ZYRRW8BQ4KekRn7iRS66Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723338371508128&output=html&h=90&slotname=2134729093&adk=2932901231&adf=787635767&pi=t.ma~as.2134729093&w=728&lmt=1685010546&format=728x90&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685010546081&bpp=1&bdt=432&idt=217&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=29872564532&frm=20&pv=1&ga_vid=672164064.1685010546&ga_sid=1685010546&ga_hid=935691488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44792645&oid=2&pvsid=920133617030352&tmod=936148123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zsupv2RHuU&p=https%3A//newnew.twitchoverlay.com&dtd=222
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F922 171 KB
54 KB 54ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 May 2023 10:29:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F922 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7B4zcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgS9AU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYYxgTzdOA-aVDAEnhN9050Rxuz4BVEQxMrumb-5nwDBCbggpYNi_IAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTcyMzMzODM3MTUwODEyOBgA&sigh=i0Bf3Llkz3c&uach_m=[UACH]&cid=CAQSKQBygQiDIw_qTjixZTegyDNd9J0zb54-22FEINztFdYl9dZjfk8JLJweGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723338371508128&output=html&h=90&slotname=2134729093&adk=2932901231&adf=787635767&pi=t.ma~as.2134729093&w=728&lmt=1685010546&format=728x90&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685010546081&bpp=1&bdt=432&idt=217&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=29872564532&frm=20&pv=1&ga_vid=672164064.1685010546&ga_sid=1685010546&ga_hid=935691488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44792645&oid=2&pvsid=920133617030352&tmod=936148123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zsupv2RHuU&p=https%3A//newnew.twitchoverlay.com&dtd=222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 25 May 2023 10:29:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F922 0
0 55ms
31ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jkqm7tzrffd095habprqh8jhr8y1x7j8891b8n5s7tpbrpc5ptpgy12rwex22jeh0p24brmjm4enh09d7h4x2t2r8gfjkzrg145pp7mccvg7rqe2re8hvzrmk1rtv79nfzm816ysh241cqyzd81arvgwt9r5s4vj61e25svmyjv21r522hv2k5c0bneqstbnphmf70y03f43kse44a9c7xhfkhg4qq9g6ymeqqwdkt5etsxn2myhny4wadm688z0zzswj0gn5fqkwfgjsbwrbdqet9tg2kw6w1rmywb3qjbbsjvvy1t191a3hsypvf8jwwadzpbtsyvz2f76kmwt5npbhd903wcs6k9n9rtf4vaycbgnqhx5cyxeewm7847cpf2v0exwsmtpx99&b=ZG84cgAE7HcK3s-NAAdXT-p6yoNRJ1ycCjM7UQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723338371508128&output=html&h=90&slotname=2134729093&adk=2932901231&adf=787635767&pi=t.ma~as.2134729093&w=728&lmt=1685010546&format=728x90&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685010546081&bpp=1&bdt=432&idt=217&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=29872564532&frm=20&pv=1&ga_vid=672164064.1685010546&ga_sid=1685010546&ga_hid=935691488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44792645&oid=2&pvsid=920133617030352&tmod=936148123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zsupv2RHuU&p=https%3A//newnew.twitchoverlay.com&dtd=222
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 May 2023 10:29:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame F77E 2 KB
3 KB 61ms
38ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jdbybxc190t5fhdp1qxjdrt2cp9h7h9gvkxbe1qnmq7z8v41pvz10c7w1g9ams8t9gsfjrt54d6jjffbx5pdppkrxw4f2ftce859ccj50qhhpszvgy6ftckzd031fx3v9n0gabawa9h4vc2mbtfzj7stvec2fh280tbtqkcrwx6dgy32n6ewezkqgxr6z13b9w0wgr07e1e7s10qb5h7e6tjx4dmsjg80xte9nqt8vp77fa8zp42eyhyzdjahrk7rhc1bspa28xcyyrwah3r21gdarg305wthnr8xghtx0gs1cmvzhbwfx5351k4dzh2t1kxdbh51jf326mn9qxyn1bx8pqtqxk3fp3mbqvk440f4fdn3x8wp9m7st78kj8841ksy8ewkrhg6k6p9j4pgvkyf6vahr4jxjrc2q08y5pqp97ha5pwrj8g1a4xmbdhxcn0c9a64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%26client%3Dca-pub-1723338371508128%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b45931892068e34ae884513e9a88489e129a09b9a84c07ee0d04f0493541a6bd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ccd186bac263657-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 10:29:06 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C161 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 10:33:36 GMT
etag: 48472445140208031
expires: Thu, 25 May 2023 10:33:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C161
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENydiUn4XXGxydCpvie5adE&google_cver=1&google_push=ATf1kGPNQkXRuowOxj8Gt8uJ8Z4HvogTQj_6KPnag8XLOQKMA_SQTW2ZPD4ywmB575aIvk-jhZK_o2MLxDq-19zA92lcSke-zMx3E...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE1NDkyMjIxMDUxODUxNjk0NA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEx2KeCSoEVFj3GSIhNURZk&google_cver=1

43 B
398 B

13ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEx2KeCSoEVFj3GSIhNURZk&google_cver=1
Requested by: Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEx2KeCSoEVFj3GSIhNURZk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C161
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBycJKo2Iz1JBbK_2ccyHxY&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBycJKo2Iz1JBbK_2ccyHxY&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUh3UEM2aWQxUTI4ZHM1&google_gid=CAESEBycJKo2Iz1JBbK_2ccyHxY&google_cver=1&google_push=ATf1kGNIsZFnq6yL2Kz9AN4qIopC_RglCw_RM8FOOTbAtwK...

170 B
232 B

16ms
16ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUh3UEM2aWQxUTI4ZHM1&google_gid=CAESEBycJKo2Iz1JBbK_2ccyHxY&google_cver=1&google_push=ATf1kGNIsZFnq6yL2Kz9AN4qIopC_RglCw_RM8FOOTbAtwKm8B2Pgv-hl2Z90bwtBrmxRMlUCFlXEfA5VoXg5iDIdH50VRCS-m1abhOAIaGsq-1fjv9S_xjNdMceHIeeBDRmbE03RaX2AhV728A

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 May 2023 10:29:05 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUh3UEM2aWQxUTI4ZHM1&google_gid=CAESEBycJKo2Iz1JBbK_2ccyHxY&google_cver=1&google_push=ATf1kGNIsZFnq6yL2Kz9AN4qIopC_RglCw_RM8FOOTbAtwKm8B2Pgv-hl2Z90bwtBrmxRMlUCFlXEfA5VoXg5iDIdH50VRCS-m1abhOAIaGsq-1fjv9S_xjNdMceHIeeBDRmbE03RaX2AhV728A
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C161 70 B
265 B 103ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGX4j0s5JYZsGFCD9y-KpIA&google_cver=1&google_push=ATf1kGPUmT9-bUP22BwnfYxlreNum7TmHhcDeUOITryaxlYfMfQytEVrcBfSzP_ETnK4HvFBCMoErNYBXl6XJeVOi0oEHnh73Z3RAVVow__34T0tiC_OMAphDbLj-G5pdyunu31KG8U_jTdfs5Y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1723338371508128&output=html&h=90&slotname=2134729093&adk=2932901231&adf=787635767&pi=t.ma~as.2134729093&w=728&lmt=1685010546&format=728x90&url=https%3A%2F%2Fnewnew.twitchoverlay.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685010546081&bpp=1&bdt=432&idt=217&shv=r20230522&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=29872564532&frm=20&pv=1&ga_vid=672164064.1685010546&ga_sid=1685010546&ga_hid=935691488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441%2C44792645&oid=2&pvsid=920133617030352&tmod=936148123&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zsupv2RHuU&p=https%3A//newnew.twitchoverlay.com&dtd=222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C161
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPa-WGKfIxGnAZJjnG5Zz_E&google_cver=1&google_push=ATf1kGOz5XAGSZbOHqNuNhR4Jgu6r2XpZZsmJSQi6WUUuYSV0IY6cUhzDKL93PLGtuF1ek5OyX_FbZj1aPlV4-xO...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yDIjbf7yTiKcQu9khVOW_Q2&google_push=ATf1kGOz5XAGSZbOHqNuNhR4Jgu6r2XpZZsmJSQi6WUUuYSV0IY6cUhzDKL93PLGtuF1ek5OyX_FbZj1aPlV4-xOrU9c_Gz4UsHjtI...

170 B
329 B

19ms
18ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yDIjbf7yTiKcQu9khVOW_Q2&google_push=ATf1kGOz5XAGSZbOHqNuNhR4Jgu6r2XpZZsmJSQi6WUUuYSV0IY6cUhzDKL93PLGtuF1ek5OyX_FbZj1aPlV4-xOrU9c_Gz4UsHjtImhpYUGPRjGd-rs4VXGxDR0XAV5JeCqNRWDBhSgQCqN0Zs

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 25 May 2023 10:29:06 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yDIjbf7yTiKcQu9khVOW_Q2&google_push=ATf1kGOz5XAGSZbOHqNuNhR4Jgu6r2XpZZsmJSQi6WUUuYSV0IY6cUhzDKL93PLGtuF1ek5OyX_FbZj1aPlV4-xOrU9c_Gz4UsHjtImhpYUGPRjGd-rs4VXGxDR0XAV5JeCqNRWDBhSgQCqN0Zs
x-host: tde-deliveryengine-production-575784b66-q28hx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C161
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFKC3-bur4HSKBYu_aKIT8g&google_cver=1&google_push=ATf1kGPPnDjrByUnY3JPqOtuTz3VyUQ9wFtYqyhPNCO2dGWy0g5pSXSpLaIrAt74DcpyWOo0na88hqN3lEx_zJ0p-an2...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFKC3-bur4HSKBYu_aKIT8g&google_cver=1&google_push=ATf1kGPPnDjrByUnY3JPqOtuTz3VyUQ9wFtYqyhPNCO2dGWy0g5pSXSpLaIrAt74DcpyWOo0na88hqN3lEx_zJ...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=c541a988-73c2-499b-ac61-e790efb4aaac&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPPnDjrByUnY3JPqOtuTz3VyUQ9wFtYqyhPNCO2dGWy0g5pSXSpLaIrAt74DcpyWOo0na88hqN3lEx_zJ0p-an2oT5zRXzDW0ktxH4DkSWgGugYxjDbROtaJTedDNdXe0...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPPnDjrByUnY3JPqOtuTz3VyUQ9wFtYqyhPNCO2dGWy0g5pSXSpLaIrAt74DcpyWOo0na88hqN3lEx_zJ0p-an2oT5zRXzDW0ktxH4DkSWgGugYxjDbROtaJTedDNdXe07BAP_rIkZSKw&google_hm=ahpXjsPDR0-n3z39bhYkng==

Requested by

Host: newnew.twitchoverlay.com
URL: https://newnew.twitchoverlay.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPPnDjrByUnY3JPqOtuTz3VyUQ9wFtYqyhPNCO2dGWy0g5pSXSpLaIrAt74DcpyWOo0na88hqN3lEx_zJ0p-an2oT5zRXzDW0ktxH4DkSWgGugYxjDbROtaJTedDNdXe07BAP_rIkZSKw&google_hm=ahpXjsPDR0-n3z39bhYkng==
date: Thu, 25 May 2023 10:29:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame C161 43 B
363 B 66ms
17ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEMuLUZB_SdL_f6kF2AKL9ME&google_cver=1&google_push=ATf1kGOoQV5XPPYEV1t5kpPHN3vqyzyxQ9j2s28ohM-WlqPwDsjAIk6vx3Ix0eE5Yr7arvvlGlpGMlfLq0x64kc_SBz2hP4g5PVbGFhM24fkbTVe3lFE9kAzS77xtgscPpqrtRDlfgWnlaAfL48

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 307357
expires: Thu, 25 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C161
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHqifhUaJsktgzANQzShG7E&google_cver=1&google_push=ATf1kGNhki-aTfoFp7Bfkh7PCBHZU_Z1cRZubTydVXuP5ZQsuebuNwLxhXLIUIuCT7g5JJsEoL-S-rFU...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHqifhUaJsktgzANQzShG7E&google_cver=1&google_push=ATf1kGNhki-aTfoFp7Bfkh7PCBHZU_Z1cRZubTydVXuP5ZQsuebuNwLxhXLIUIuCT7g5JJsEoL-...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1OTQ4MDIyNzcyNjY0NTgy&google_push=ATf1kGNhki-aTfoFp7Bfkh7PCBHZU_Z1cRZubTydVXuP5ZQsuebuNwLxhXLIUIuCT7g5JJsEoL-S-rFU...

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1OTQ4MDIyNzcyNjY0NTgy&google_push=ATf1kGNhki-aTfoFp7Bfkh7PCBHZU_Z1cRZubTydVXuP5ZQsuebuNwLxhXLIUIuCT7g5JJsEoL-S-rFUpfS4oKJZ7RcVkcC0KO6jUCo7dCP_e3Zwwcsyiv5Ej9kSDNzsibUD-6GhBe6oRanHBTM

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1OTQ4MDIyNzcyNjY0NTgy&google_push=ATf1kGNhki-aTfoFp7Bfkh7PCBHZU_Z1cRZubTydVXuP5ZQsuebuNwLxhXLIUIuCT7g5JJsEoL-S-rFUpfS4oKJZ7RcVkcC0KO6jUCo7dCP_e3Zwwcsyiv5Ej9kSDNzsibUD-6GhBe6oRanHBTM
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C161 0
130 B 52ms
14ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K06r37KxGiFJPtJGFjlGLenRAxRK_UFbVrVv4YwG2-oxKvBxV63PUNk58UlipEgN6j6mjD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame F77E 103 KB
13 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jdbybxc190t5fhdp1qxjdrt2cp9h7h9gvkxbe1qnmq7z8v41pvz10c7w1g9ams8t9gsfjrt54d6jjffbx5pdppkrxw4f2ftce859ccj50qhhpszvgy6ftckzd031fx3v9n0gabawa9h4vc2mbtfzj7stvec2fh280tbtqkcrwx6dgy32n6ewezkqgxr6z13b9w0wgr07e1e7s10qb5h7e6tjx4dmsjg80xte9nqt8vp77fa8zp42eyhyzdjahrk7rhc1bspa28xcyyrwah3r21gdarg305wthnr8xghtx0gs1cmvzhbwfx5351k4dzh2t1kxdbh51jf326mn9qxyn1bx8pqtqxk3fp3mbqvk440f4fdn3x8wp9m7st78kj8841ksy8ewkrhg6k6p9j4pgvkyf6vahr4jxjrc2q08y5pqp97ha5pwrj8g1a4xmbdhxcn0c9a64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%26client%3Dca-pub-1723338371508128%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jdbybxc190t5fhdp1qxjdrt2cp9h7h9gvkxbe1qnmq7z8v41pvz10c7w1g9ams8t9gsfjrt54d6jjffbx5pdppkrxw4f2ftce859ccj50qhhpszvgy6ftckzd031fx3v9n0gabawa9h4vc2mbtfzj7stvec2fh280tbtqkcrwx6dgy32n6ewezkqgxr6z13b9w0wgr07e1e7s10qb5h7e6tjx4dmsjg80xte9nqt8vp77fa8zp42eyhyzdjahrk7rhc1bspa28xcyyrwah3r21gdarg305wthnr8xghtx0gs1cmvzhbwfx5351k4dzh2t1kxdbh51jf326mn9qxyn1bx8pqtqxk3fp3mbqvk440f4fdn3x8wp9m7st78kj8841ksy8ewkrhg6k6p9j4pgvkyf6vahr4jxjrc2q08y5pqp97ha5pwrj8g1a4xmbdhxcn0c9a64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%26client%3Dca-pub-1723338371508128%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 28764
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQBdYWkTo3351DR0V0HZqD2Z89OooORLWFxsT3gb%2BaKaVFb8%2B2e044CGbRSk6%2Ffqv3QcD4PQ26Lcc%2F1QhvDMO1YXg2MBU3cbxqKgVEhA6hb8EOLOEhwrqqoyPfQspZL0z3VCbFu1D0k%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7ccd186bfc6b3657-FRA
expires: Thu, 25 May 2023 11:29:06 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame F77E 25 KB
10 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jdbybxc190t5fhdp1qxjdrt2cp9h7h9gvkxbe1qnmq7z8v41pvz10c7w1g9ams8t9gsfjrt54d6jjffbx5pdppkrxw4f2ftce859ccj50qhhpszvgy6ftckzd031fx3v9n0gabawa9h4vc2mbtfzj7stvec2fh280tbtqkcrwx6dgy32n6ewezkqgxr6z13b9w0wgr07e1e7s10qb5h7e6tjx4dmsjg80xte9nqt8vp77fa8zp42eyhyzdjahrk7rhc1bspa28xcyyrwah3r21gdarg305wthnr8xghtx0gs1cmvzhbwfx5351k4dzh2t1kxdbh51jf326mn9qxyn1bx8pqtqxk3fp3mbqvk440f4fdn3x8wp9m7st78kj8841ksy8ewkrhg6k6p9j4pgvkyf6vahr4jxjrc2q08y5pqp97ha5pwrj8g1a4xmbdhxcn0c9a64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%26client%3Dca-pub-1723338371508128%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 160993
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckvfOs5N8P%2BvTVMuWMTvEgHBbP2yZ2YOAcvJqlLyTc3GZwRbmREkIsNby6yc5vpA3Ne9ARychup%2Fp261u%2FM5Ceswmdy%2FmpczIEDE55w16mT4bXu5AN9wwz7WQRtrQKQf7qFyWLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7ccd186bfc6d3657-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 13:46:07 GMT

GET
DATA 200
OK truncated
/ Frame F922 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 098c95eaff5b25968450fd9c61991740f612d4ba57eb25d566ea7a31b09912ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F77E 3 KB
4 KB 49ms
21ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3039
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjbxIWGWRdt1iU1pJDJNfWQ98WMB4IUGFYSjVfDxUKS86SJ4JQ3rUx95KrXdSnap7KO1HogEHmJW%2F5SiV%2BapSAYusaQVXdFwLc%2BBB6s5%2By4fi3AMFX5eWx5JGrJu4P3axRzoaKcTd86qfYyNH913RvRd"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7ccd186c8a36bbc7-FRA
expires: Thu, 25 May 2023 10:38:27 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 8D6C 2 KB
1 KB 21ms
21ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 343395
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7ccd186c5fa79b86-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 25 May 2023 10:29:06 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IoGm2y6xY%2BflPxZbFSu7%2BlvBHMSEgfDOCMoYlkMX5GQUaRlR9TotQYNOr%2B5tQy2uAZun3AdHaj4EsmQTQ54p48rd4ZJGGKnNRB%2FZjc1Lym0bTlMFihO5uYHtJnpU66toyncK2w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame F77E 1 KB
2 KB 32ms
31ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a16c1471ad364f5ed1610dfec204abbbc62b38a768f6390c5f7fc9ecc3842909

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eg5rX3SuDqrGtZ%2B8oSo0llkvFOSxsfHKx2h%2Fps1UYMbS92Cks7Ed3bhQeuE%2FMd6xHnYVecDLZP0D4dB4JQucoAmFCTO5KJxJHXlkIdjnxQZvxEbGy7wrHiaF6c5t4Sg81wvP3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7ccd186cef7e360a-FRA
x-backend-server: aa-reachservice-group-europe-west1-22mg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 42ms
30ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ccd186cbf31360a-FRA
content-length: 24
content-type: text/plain
date: Thu, 25 May 2023 10:29:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YasJTw%2FhMdUNhZb1kZxaoaa5dXCCbHYd5pSnAp3HtVwSIS6nVopYVxz4WxvYjj9dl7dizUDs9sfk%2BeH8IzNojaJCuFOZ9beNt0DJvGBn4KiPVuzerOtX%2Ful%2F3CNwc3Q%2BEYgr1dM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-22mg

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 32AE 11 KB
4 KB 36ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21110fc0c06a5ba2765ac813658c5be800c252019ba92ab682640efffeb4804

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jdbybxc190t5fhdp1qxjdrt2cp9h7h9gvkxbe1qnmq7z8v41pvz10c7w1g9ams8t9gsfjrt54d6jjffbx5pdppkrxw4f2ftce859ccj50qhhpszvgy6ftckzd031fx3v9n0gabawa9h4vc2mbtfzj7stvec2fh280tbtqkcrwx6dgy32n6ewezkqgxr6z13b9w0wgr07e1e7s10qb5h7e6tjx4dmsjg80xte9nqt8vp77fa8zp42eyhyzdjahrk7rhc1bspa28xcyyrwah3r21gdarg305wthnr8xghtx0gs1cmvzhbwfx5351k4dzh2t1kxdbh51jf326mn9qxyn1bx8pqtqxk3fp3mbqvk440f4fdn3x8wp9m7st78kj8841ksy8ewkrhg6k6p9j4pgvkyf6vahr4jxjrc2q08y5pqp97ha5pwrj8g1a4xmbdhxcn0c9a64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%26client%3Dca-pub-1723338371508128%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ccd186d29039b86-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 10:29:06 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 32AE 103 KB
13 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 240589
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dfpKuf2R4MpH4%2B7H%2FNjY0RyYSksQa%2FgBB3FnTmgAYSquXYVJgTgjJEEc3Q1edNjcEWhZ3xL9zPFwAyHYuD%2FPzfSXbJ6zt4XJJSNIZGrGEarb%2B4ej7QJDjp%2BWhVYj8XV9OLthdAtcUY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7ccd186d59479b86-FRA
expires: Thu, 25 May 2023 11:29:06 GMT

GET
H2 200 C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame 32AE 5 KB
5 KB 26ms
16ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2518236
cf-polished: origFmt=png, origSize=10283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4736
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Apr 2023 12:21:02 GMT
server: cloudflare
etag: "b90d04a587c2a1ab6749e51d8bb195d1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BB915uFBvY2GzdpD4AwkBHNDocq%2FL9j5nCR1GXF7yg0VS46tee9sRU5ILsA0aiR%2FYWCafxNWCG6FGZZ%2BuEByOtkJQ9hsCGJmIUmJwm2tnORDoyAhdBuM6hYcCKMVUOys7vxevgar76BDMVu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ccd186d6e9b3657-FRA
expires: Fri, 26 May 2023 10:29:06 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 32AE 91 KB
91 KB 26ms
17ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 398717
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m1%2BE5lmDtyQDx2t6OjGzxO7kBHJKisTffFSZjpGPKMiLgLYewTebmpHg%2FKlSz5XgZD5RgYwHzgup5bM6ZTyUV2ZVxiFC1Q9bfn%2FFCof%2BbZJrVEbFguuasyNZYPoo5H3ALluYpCAa%2B2jpbro"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ccd186d6e9d3657-FRA
expires: Fri, 26 May 2023 10:29:06 GMT

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 32AE 2 KB
3 KB 17ms
17ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32965
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmBNQXjMGFNZm5ZSh9cxLAMMFFEDi9S40Naog0qW54XuLSgxsgDPVzAp%2BOqT7rmW73C8HZbASOFqxg13%2FY6p1Pd%2F82fZ5mMM8XcvJqQu8eF6k8WRA5G%2BEGkIcUkLuWEe7ndV9%2BbIaNaoeTVO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ccd186d89899b86-FRA
expires: Fri, 26 May 2023 10:29:06 GMT

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 32AE 339 KB
340 KB 26ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2291245
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwTlwTJeLLsEZYm0mrDRMau51LcR%2BflP68MNdAbyahBlvzPSpEZb7ZxpvfViInSUamT6SY5h%2F%2BwiEZVnBWXmyNYKtD%2F00QPVnnb2WR2WJ3cWx%2BSrRfMjTUhk%2B4%2FlYEG8Da%2FyrGcs8gdNI7j1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ccd186d898d9b86-FRA
expires: Fri, 26 May 2023 10:29:06 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 32AE 43 B
704 B 124ms
88ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidk7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6oneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 10:29:06 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 32AE 36 KB
36 KB 24ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490852
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BcsAG3m1aj3tGNW0qFdNXTjIFuXMAnfN4bsUADjQuVutionwWj1VqsPGCIQ8zEA7%2B7GddBEbIl6LPlcqa5VronUiDIi%2FGKcrMeqAzVByZAuj%2BF0gMiURnPxjJ%2BWBxJeCSqNeUYPBbx8kkOf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ccd186d898f9b86-FRA
expires: Fri, 26 May 2023 10:29:06 GMT

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 32AE 28 KB
29 KB 20ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 745893
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qH8ZDPlrKwMcjce2HrZyDOsiZ3mZ3cWEmK7FIyrRPQ5ZjfdCY6teXgXlWNNm8d%2BNaE%2BFaTD1mMNnjVswXbIglio33StiwSWZ8lrZSmbUCKtoQTDDlB2x2SPeBYIEMQn%2FtMCmdoBCKaU2ls%2B5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ccd186d89909b86-FRA
expires: Fri, 26 May 2023 10:29:06 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 32AE 43 B
704 B 179ms
143ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 10:29:06 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 32AE 2 KB
2 KB 124ms
70ms Script
text/html 18.132.62.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jw5528n0ambtf771bssr1e9782j4edjpfgqxhkfanbhfr1yzgq9xdy3rvgew4t19028y46tra6c34r3qdzjkcz8t244btf9vbh9n6zmnzk7dtqsw662jh6wn11sfv4awj41md14twqsjf5ccqpyd7xvfk7kzj7bxkba2t5ngff1mm8m1avv8s00bfpg7b5g2f3zbvnz1bep7pe4n986spmmbn39cnam7gjyxw1tzkdt3408spyy1tncz6jd2g0w1ksm2%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%252526client%25253Dca-pub-1723338371508128%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.62.161 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4412d4a9b3b618b193621624df319c837154958ae19a3ebe963fcc24e33e88ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:06 GMT
last-modified: Thu, 25 May 2023 10:29:06 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 25 May 2023 10:30:06 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 32AE 85 KB
31 KB 87ms
13ms Script
text/javascript 108.138.36.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jw5528n0ambtf771bssr1e9782j4edjpfgqxhkfanbhfr1yzgq9xdy3rvgew4t19028y46tra6c34r3qdzjkcz8t244btf9vbh9n6zmnzk7dtqsw662jh6wn11sfv4awj41md14twqsjf5ccqpyd7xvfk7kzj7bxkba2t5ngff1mm8m1avv8s00bfpg7b5g2f3zbvnz1bep7pe4n986spmmbn39cnam7gjyxw1tzkdt3408spyy1tncz6jd2g0w1ksm2%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%252526client%25253Dca-pub-1723338371508128%252526adurl%25253D&clickref=oneidDXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjWoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneideYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpboneid__suite_Netmix_Reach128_WEBGAINSMOSTLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 07:31:17 GMT
content-encoding: gzip
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 10670
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: JKJW68NQR9AOFOTc63hg7jwAwty1JUEjdF3rOLpWWOH52ahQdVstKA==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 32AE 15 KB
15 KB 54ms
12ms Image
image/png 108.138.36.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1685010846&Signature=GwuBeCnHpzPPY1meYGl0IgVtsTFi64tjW25NXP3lUPMqSQO9wWwl8xVX42B924HlG0rJLV0KK6GbJLO0yrPdBjv08fYV6VAnuqw9J6vSv4SQTiFxEgu3KVElemM1x1Kgh1Arayz1Zd8nOhBNn3qQfHemC9KiiWYpUPM42BmDDfwF2VLdpRmiED8UkRqHcrWsI-4voLSUNNm6IPC7H7noJ3MhMyDDY4BP0qTu-UWx3Kaf7SlC9nkeOvPxU~UJYmVvs5s3UEAnh94qGcQd7CQ0mRAXFJUAY1jeCvI4uyYgvwRmqvgTcRueJTDTCMdLulRivAsyMfqQmRDVtNVQUneEhw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-11.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 25 May 2023 06:14:30 GMT
via: 1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 15277
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: E55Q5jab-VEkN1XYZKhE5i4aHNGxY_s6YMNqxDWxQ4uKIharCUwijQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 62ms
61ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230522&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b7cc3d5307e86faa632305932ad5d73b8bb8edd3134fca0b68cb32e3e7c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11280
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 May 2023 10:29:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 474B 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnew.twitchoverlay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 09:39:15 GMT
expires: Fri, 24 May 2024 09:39:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 61EC 783 B
536 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0a66f6d9601c69b8fc8d6640c19f2b77c2467668f8999feaac79dec6f106fefc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6A4AmHj-LeUCK7POC1r0mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newnew.twitchoverlay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-6A4AmHj-LeUCK7POC1r0mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 10:29:07 GMT
expires: Thu, 25 May 2023 10:29:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response
pagead2.googlesyndication.com/bg/ Frame 474B 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 09:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 May 2024 09:15:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 61EC 0
0 41ms
41ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230522&jk=920133617030352&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 474B 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Qin15A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:29:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F922 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3V3afkFUPSDHsSlYjQN9udwq1Evv7DBSshOWkZxYyUlv4BWSVXKsfVEN2B_dj03j6UFyDfiaeiFPG9AC5cNGKJjtU&sig=Cg0ArKJSzFsDo65gp_GiEAE&id=lidar2&mcvt=1060&p=0,0,90,728&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2932901231&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685010546304&rpt=288&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 10:29:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 86ms
22ms Preflight 35.176.156.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.156.184 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-156-184.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 25 May 2023 10:29:07 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 32AE 16 B
232 B 65ms
64ms Fetch
application/json 35.176.156.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.156.184 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-156-184.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 May 2023 10:29:07 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230522&jk=920133617030352&bg=!FxSlFEDNAAZ8_aWmXP07ADkAdvg8WtBzmqGDJQxzIt0Nhlloar4IKLqQv42mRn_I5SV4lC-tVPUC2Epst3iMjr332GoDM1ZraRcCAAAAUFIAAAAEaAEHCgBPbvcK16AA97X1daNgQevh9WHuau-WM2ihcvJmix5j-x7L_qbhGY2wRAZc7Nqqm-fzvtkn0O9mEtvYlOsO_ooP_e2T-3VhaBt_S8bOKLOR1JkCog0cx3tvs6lBJIslHDYnDm2gm4lhS5TVgKEyQvhR6AvKCXr-vBCDns-34BDDL9Cu-7NzN36idZg8ZoJtA6G6W_bOifwhXPqGMFcPb1oYcYVJ7LiQOMbEQNRKAV2DHaGRDKdPvaX76U1itSEjOifv4gFwENIEA-Q0GbsFET7EFCXp2jp53SBl7qC_XdbTJNTLXD_GzNOIBRGjPoyTRC3QjvTjEmft-FoMC85AdF2_4bEALPn3MrRyM65fZVG6HJFp50b8w0zmAngmtmZB0Kt2hA3Jz4JGWEzgyRibUNhEndlxBLchpovn6Ox1K2qEcRW-hVZT1PCXB-PnQaLffmCJ-FvN89w81Ftw72VWobP1pkalt2lXNiYLRic5fSggUXO7AToqdYzSc5R89aKhT_vqlDsm9cY69Oi0cJqOZOp0Dba1nBG2OC3cl8CELd5tgrFnI8rXPPnk1hTEipGwODqOH-WKsWOWwqoSF6BIEaOb6vHADNP6tSSiJcuewAQtNeUY_4oj8amm_1MpBVXCZlNJGL0Z1fdJBnAJOpoOoOQZP1iuXk0Ae0WNPzO_weSsN4EKVF-5wtPiay_6EZwiAehSxKMlRCWT_8hPcuw8J30kZIF5Y2NV4OUEitm8n6O9myZcshVa49GE13K8v9RCICbsP3_2A5Eil2JJwP6b4byoZvUzZddu6DwVkqnwzgR5E_5tDIPLq0CZcTiwb6HiQFuv0MXDwyJvsjoS49L_uxYHq9k1oi50MjapOBIcHsBW64Cx-3E5PVieYsckRBdr_UZLcSlE4lZHTa5nmx2fUokUo6BcWiLZjuLCouDw2fIUUQ_B2JNLgosPsoLIS7Wk5AGVXfH6giQd1ruq20rpxfZ2I92usyocavGRi0ajW53x-36OV2TH
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newnew.twitchoverlay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
newnew.twitchoverlay.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d588702f7d1d2e520cf63bd7506796ea
.twitchoverlay.com/	1970-01-20 12:04:56	Name: _gid Value: GA1.2.1875826908.1685010546
.twitchoverlay.com/	1970-01-20 12:03:30	Name: _gat_gtag_UA_54516390_1 Value: 1
.twitchoverlay.com/	1970-01-20 14:13:06	Name: _gcl_au Value: 1.1.8981884.1685010546
.twitchoverlay.com/	1970-01-20 21:39:30	Name: _ga_72VEGFMT0W Value: GS1.1.1685010546.1.0.1685010546.0.0.0
.twitchoverlay.com/	1970-01-20 21:39:30	Name: _ga Value: GA1.1.672164064.1685010546
.twitchoverlay.com/	1970-01-20 21:25:06	Name: __gads Value: ID=cf9a60fa547b4836-220bab18b2e000f4:T=1685010546:RT=1685010546:S=ALNI_MbieR8JFaMx-OIy0__Lj1i9lLb1VA
.twitchoverlay.com/	1970-01-20 21:25:06	Name: __gpi Value: UID=00000c1bf812401f:T=1685010546:RT=1685010546:S=ALNI_MYcOob5dW7XvAIkATcs6_kDSHP48Q
.bidswitch.net/	1970-01-20 20:49:06	Name: tuuid Value: 6a1a578e-c3c3-474f-a7df-3dfd6e16249e
.bidswitch.net/	1970-01-20 20:49:06	Name: c Value: 1685010546
.bidswitch.net/	1970-01-20 20:49:06	Name: tuuid_lu Value: 1685010546
.w55c.net/	1970-01-20 21:35:11	Name: wfivefivec Value: qHwPC6id1Q28ds5
.travelaudience.com/	1970-01-20 21:35:11	Name: _tracker Value: %7B%22UUID%22%3A%22C832236D-FEF2-4E22-9C42-EF64855396FD%22%7D
.w55c.net/	1970-01-20 12:46:42	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 12:48:08	Name: C Value: 1
.adform.net/	1970-01-20 13:29:54	Name: uid Value: 185948022772664582
.scoota.co/	1970-01-20 21:39:30	Name: tuuid Value: c541a988-73c2-499b-ac61-e790efb4aaac
.scoota.co/	1970-01-20 21:39:30	Name: c Value: 1685010546
.scoota.co/	1970-01-20 21:39:30	Name: tuuid_lu Value: 1685010546
.doubleclick.net/	1970-01-20 21:25:06	Name: IDE Value: AHWqTUnZS0Se4XFGAKTIkElONe55VsPco6X8m54acZRmyAwI86g8qHe2LMLnx0A6i7E
.turn.com/	1970-01-20 16:22:42	Name: uid Value: 9154922210518516944
.awin1.com/	1970-01-20 12:06:23	Name: awpv20044 Value: 412871\|1685010546\|fa679d70-fae6-11ed-b339-2265b7c46fb7
.awin1.com/	1970-01-20 12:06:23	Name: awpv14702 Value: 412871\|1685010546\|fa69c051-fae6-11ed-9a9c-22335c3bbb34
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.imgur.com/p0qxXC7.gif Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/GeV9BVz.gif Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/ba6Flyh.mp4 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/BU3fCc9.mp4 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/7qYQFqh.mp4 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/t3aKwpp.mp4 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://i.imgur.com/IR4FzOf.mp4 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://kit.fontawesome.com/925f9fe406.js?ver=6.2.2 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jdbybxc190t5fhdp1qxjdrt2cp9h7h9gvkxbe1qnmq7z8v41pvz10c7w1g9ams8t9gsfjrt54d6jjffbx5pdppkrxw4f2ftce859ccj50qhhpszvgy6ftckzd031fx3v9n0gabawa9h4vc2mbtfzj7stvec2fh280tbtqkcrwx6dgy32n6ewezkqgxr6z13b9w0wgr07e1e7s10qb5h7e6tjx4dmsjg80xte9nqt8vp77fa8zp42eyhyzdjahrk7rhc1bspa28xcyyrwah3r21gdarg305wthnr8xghtx0gs1cmvzhbwfx5351k4dzh2t1kxdbh51jf326mn9qxyn1bx8pqtqxk3fp3mbqvk440f4fdn3x8wp9m7st78kj8841ksy8ewkrhg6k6p9j4pgvkyf6vahr4jxjrc2q08y5pqp97ha5pwrj8g1a4xmbdhxcn0c9a64&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%26client%3Dca-pub-1723338371508128%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C117569%2C19769&b=eYdU3fVfreQGCjHZHet1tXpEZfwSQTKrACYXpb%2Ck7Vh5f3fD2kYa4HwHetBtxPrtZSjTm3baj7m6%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr&f=DXdT3fwfGjkQU3HmH9twCkp9QCxSmTYW3aXdjW%2CzR7CRfYfk3KMFpHBHMtJC9dGtVSwTQ2GCrp6Y%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM&c=728&d=90&e=&g=47681a1e4ab9d35bbadbe3133d4eb883%2F14001344634175142466&i=71725%2C29981%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1685010546695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k0wxm8f1x2n5yprr4atxshcvcpcrw7nb96xws2nrvbyjtd20q9nfjx9g7jjhy95e11gbv7swf938p5fvsmgc7qsnvr0qyg0k88vy5zwq62h0btpcp21xcc58kw9bq7kv2wqry0z3mxe031qnprvxafs1v97pfrk2y0vb36cz1frv2cdynyvrk3r49hjg80pah3v1qd8z16g4fffc9mkqv32vrz245qqpw40zz1ppadsg2hksabnfp2njkvpdv7jdn7j8ghv96mzvm8tvpfefv4a5c%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCZ2GTcjhvZPfYE42f-wbPrp2YApDhgYRctqjCivACwI23ARABIABglfqXgqwHggEXY2EtcHViLTE3MjMzMzgzNzE1MDgxMjjIAQmpAkpR8hrg_LE-qAMBqgTAAU_Q0wOFMHuikOTTwcSoSUc6C-LsDJrtyLi8i_Xmyhnk4pRYuj0LLxHOU6pBnbSH99waUHPi5Hb-AuvQjdOUnpgHwsh9kvH5RFGPvhIS-MPokHlPcjReen1qZlbL3gUdALefl4580oldlwHygzMEVpUlXE2l8v_vZCt5vg1TZb0UGtCqKiIyytD07uKNimGMzptSxu7XsYZzgx1P7_YdFPiD1oWnmg_j__jyqFs-3BduW_YrZ5TfJaD1eRwiNLIscYAGxNGe9MiAzrylAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F3mKZbKmwzbHRz82uWFzkh6-jYg%2526client%253Dca-pub-1723338371508128%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://analytics.webgains.io/pvClk.min.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
kit.fontawesome.com
match.adsrvr.org
newnew.twitchoverlay.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
prod-rtb.ad4mat.net
r.scoota.co
r.turn.com
region1.google-analytics.com
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.64.118.247
108.138.36.11
108.138.36.89
142.250.185.194
146.75.120.193
15.197.193.217
158.106.132.129
178.250.7.11
18.132.62.161
18.196.255.22
2001:4860:4802:34::36
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6811:190e
2606:4700::6812:1634
2a00:1450:4001:800::2003
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2008
2a00:1450:400c:c0c::9a
35.176.156.184
35.190.0.66
37.157.4.23
46.228.164.11
54.76.65.236
54.93.94.146
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
098c95eaff5b25968450fd9c61991740f612d4ba57eb25d566ea7a31b09912ab
09c61226914a1655e5be3978b8e83f785bd4cb38259a77bb95e11dc8549ec68a
09e95d051f1244347b5c2082d233ed7df7ffc6bb83bc24f10fd25a3b39727bc4
0a66f6d9601c69b8fc8d6640c19f2b77c2467668f8999feaac79dec6f106fefc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1c91dbf6c82212583facef0f70a6d4c47c0603c039e2287cdc28c4cdf08db1e8
1da401a8c44a9207094091fe3eb9e17b6b51eb88bc0b992065398e1b760aaa1c
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
24ef39cf7f17ee8fa232e3c50c5f93f7c695b046ef58ad45c32c01c5085b8ac8
284628c43276ea2c6d61e24966fedca363ee911107fadeb21e069a8954f4edbe
2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
311d6fb63129ca86b8cb78c6ae5fd7a95bbf39f3bb4c2960a950999dcda873c5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
40d2dfa80fa7e4f556716c48267ced327c7282f4fd1c064d08ca192afa916ce6
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4412d4a9b3b618b193621624df319c837154958ae19a3ebe963fcc24e33e88ed
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b166867aec3d083fe83aed1f51bc6a087ac4cda3b285b289192bb724e1522d4
4ce0d86883f09d8c7c6e75bfb665b429cdd69a292697cb305e49cda3186d7a5f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fdd92153c81091cc1cd64a9b516b1861118fa49b634c6da6341643a900a0b9e
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62af93d4ccc387c5c651fc84534213e4f18424941c2458139edd11c309d29d7c
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
678460402c1b502936b7bc2fe0cc4d964e2c3c4f5e163ef36e3a3fc354d614c6
6797c077654da137fb8c518484a1b2e6fa32c76eb6427d620851693463ac89d1
6d0b7cc3d5307e86faa632305932ad5d73b8bb8edd3134fca0b68cb32e3e7c67
6fb48fb14effad0669f76a000a143d22e573dfa4135844fc8b20faac9869c359
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76
8121934353dc5f61657052349bc811fadca2bb617e15add87b8bbef180e49b8d
84c53b7776964f8b11ff4a5ca8b6cb7be232cbd2027e09224da751756a64e23d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859211825eea6f575a6ebc89a281bbceedfba6d3962b0194dc5a69e9970aa044
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e04215633c69b2d430a88a1c84cee90579bab8d94bf4f81850f890cdd065437
8eb1a4366edf07ee523b40b62093b2b485a307f308b65af62f3802838173ca27
91474b91498e72e7e52c3f16d594370ca8f5ac0609709b6d2cbdc6b740e122ad
97fb2b3ac6c6b811b80abba7b4b1b50b915d2e4add37cfa464f1bff6a47cc5fc
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b92a2ad083d1e1c7494f87d86339a25ec8f1df52a87984ddf8db1b98cfe366b
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9c7bb881d50daf10495cb74da00bd5530559e1d819b85a29db561f3e93762f05
9f73fc38fe1e69919d8113cf47d74c7696b46e913b512709c7b7cfee799b0a8f
a16c1471ad364f5ed1610dfec204abbbc62b38a768f6390c5f7fc9ecc3842909
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab50f8066522a61b5d0a09db2469e41ae60f7461936f8e32283cc8f8bfd93ce2
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b45931892068e34ae884513e9a88489e129a09b9a84c07ee0d04f0493541a6bd
b84459cf8cf305ab78d87f9dfe8119879dc20264ddcbb14ab0d93b3e6a2c41e0
b8d41ed72c906e81527a0470beb762139c4c89a7fb40199eb4ac04c72781f076
bde4009d7f40b42d3f24950292f2fc42245ee9e0db8f0c949e02197871e58b66
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c6a0705dad76bb538041fea955a0008fe1f31c5d0ba8ff7ac975880ccf425329
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9ba420ff101ef5217ef91ab252b359719fbb28679e2bed54814401840c4649b
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
db4f1e4a3807527150a46a074450392d7f3f11c1a3fe5a5786f0df840babbc47
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df4a80a049be50c92da1f19e31d7292a3b19c8a6ed9b5c5c34d432bedeb089d4
e069f6e3ccaffd9be910613392e83b45b7d28a0c707707886755c1f9cd38cb10
e1e30b95e4abc86d05192687eb1ade27e3449be900b3f7a2c478280a01e8e83d
e21110fc0c06a5ba2765ac813658c5be800c252019ba92ab682640efffeb4804
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f14fc410f5257b93a43604fbd9fa9c9c8e25d57e9b778330bc85045a1e2b1d
e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc
e7538c5d05fe0efd703b2ecf1120df38fc85dc714b287e19aaf5f4ddcc4db518
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec71216be58a3b578d0a4dc33f8c0511311e83d8a59b16401b4837adaac1761e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f527300de3e833fb72f6bd9c89ef52aa5a3994202cdab5564e87fe287583346c
f756c440f514d9085faf7adab14bbaaa8e13cf31051f822125c85e9fe128ecbc

newnew.twitchoverlay.com Open in urlscan Pro 158.106.132.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

96 %HTTPS

56 %IPv6

28 Domains

39 Subdomains

32 IPs

8 Countries

1748 kBTransfer

2888 kBSize

24 Cookies

23 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newnew.twitchoverlay.com Open in urlscan Pro
158.106.132.129 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

96 %
HTTPS

56 %
IPv6

28
Domains

39
Subdomains

32
IPs

8
Countries

1748 kB
Transfer

2888 kB
Size

24
Cookies

113 HTTP transactions
7 data transactions