twinstrangers.net Open in urlscan Pro
52.212.104.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://twinstrangers.com/
Effective URL:
https://twinstrangers.net/
Submission: On April 18 via manual (April 18th 2021, 3:23:01 pm UTC) from CA

Summary HTTP 126 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 27 domains to perform 126 HTTP transactions. The main IP is 52.212.104.44, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is twinstrangers.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 22nd 2020. Valid for: a year.

This is the only time twinstrangers.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.242.7.105 34.242.7.105	16509 (AMAZON-02) (AMAZON-02)
27	52.212.104.44 52.212.104.44	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	192.229.221.102 192.229.221.102	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	52.89.203.78 52.89.203.78	16509 (AMAZON-02) (AMAZON-02)
1	34.213.103.174 34.213.103.174	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::621	54113 (FASTLY) (FASTLY)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2016	15169 (GOOGLE) (GOOGLE)
1 3	143.204.245.56 143.204.245.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	13.248.193.180 13.248.193.180	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 1	18.194.113.221 18.194.113.221	16509 (AMAZON-02) (AMAZON-02)
7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	54.149.211.134 54.149.211.134	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
126	31

1 34.242.7.105 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-7-105.eu-west-1.compute.amazonaws.com

twinstrangers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.212.104.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com

twinstrangers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.102 (United States)

ASN15133 (EDGECAST, US)

asset.fwcdn1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.203.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-203-78.us-west-2.compute.amazonaws.com

p2.fwpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.103.174 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-103-174.us-west-2.compute.amazonaws.com

r1.fwpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::621 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.245.56 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-56.cph50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.193.180 (United States)

ASN16509 (AMAZON-02, US)
PTR: a65ad14e1963e189f.awsglobalaccelerator.com

api.fw.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.113.221 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-113-221.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.211.134 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-211-134.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	twinstrangers.net twinstrangers.net	478 KB
26	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	253 KB
23	doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	81 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	208 KB
10	youtube.com www.youtube.com	2 MB
7	google.com 3 redirects adservice.google.com www.google.com	13 KB
4	googletagservices.com www.googletagservices.com	135 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	758 B
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	google.de adservice.google.de	287 B
2	fwpixel.com p2.fwpixel.com r1.fwpixel.com	206 B
2	facebook.net connect.facebook.net	66 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	agkn.com 1 redirects d.agkn.com	758 B
1	quantserve.com cms.quantserve.com	463 B
1	fw.tv api.fw.tv	811 B
1	ytimg.com i.ytimg.com	27 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	googleadservices.com partner.googleadservices.com	646 B
1	polyfill.io polyfill.io	4 KB
1	fwcdn1.com asset.fwcdn1.com	108 KB
1	twinstrangers.com 1 redirects twinstrangers.com	218 B
126	27

	Domain	Requested by
27	twinstrangers.net	twinstrangers.net
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
10	www.youtube.com	twinstrangers.net www.youtube.com
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
10	pagead2.googlesyndication.com	twinstrangers.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.google.com	3 redirects www.youtube.com googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects asset.fwcdn1.com twinstrangers.net
3	fonts.googleapis.com	twinstrangers.net googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	twinstrangers.net connect.facebook.net
2	www.google-analytics.com	twinstrangers.net www.google-analytics.com
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	api.fw.tv	asset.fwcdn1.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	polyfill.io	asset.fwcdn1.com
1	r1.fwpixel.com	asset.fwcdn1.com
1	p2.fwpixel.com	asset.fwcdn1.com
1	asset.fwcdn1.com	twinstrangers.net
1	twinstrangers.com	1 redirects
126	33

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
twinstrangers.net Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
fireworktv.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-12` - `2021-11-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
fwpixel.com Amazon	`2020-10-15` - `2021-11-13`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-13` - `2022-03-26`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://twinstrangers.net/
Frame ID: B55FCB0829C13FE88E7A23CE204749D5
Requests: 57 HTTP requests in this frame

Frame: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
Frame ID: 3140816C538F8C4BD482A040C127A055
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html
Frame ID: 9014930D9A863B31E04A89AADF93B996
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&adk=1812271804&adf=3025194257&lmt=1618759176&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftwinstrangers.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361198&bpp=12&bdt=329&idt=119&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3488678658280&frm=20&pv=2&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142
Frame ID: 802F29094105FA3B69FEA82E4340EDBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143
Frame ID: CCAEE03D7F622C6134BDACB5616E119B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=1655883257&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361216&bpp=1&bdt=347&idt=151&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C550x280&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=96MNCXUqpN&p=https%3A//twinstrangers.net&dtd=155
Frame ID: 688B38FD5044DCC2D28C95899D56D1DB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=60&adk=2499841291&adf=1056458448&pi=t.aa~a.3419507048~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&to=qs&pwprc=8460399179&psa=0&format=1200x60&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361602&bpp=1&bdt=732&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423ababb42a8a4d2-22693a2e29bb00e8%3AT%3D1618759361%3ART%3D1618759361%3AS%3DALNI_MYFwz-lDTY3-l1HYUL3-XVkWmCz6g&prev_fmts=0x0%2C550x280%2C550x280&nras=2&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lP9YpRbUJm&p=https%3A//twinstrangers.net&dtd=9
Frame ID: 54660E67F45A57AFEE9902981748AAAF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6F6E1E93250511CEF6A177D433EA5C08
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js
Frame ID: D423106A44D47E8D67E6A0EEB71E8466
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 60690F680084E956F342B5A5E07A5BD8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js
Frame ID: 365DF0335AF67A5C7831D43FC2B04563
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 367FA872ED0C03987179C13E46257EC9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 325D282C7768CC2A4824E81293F552EC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js
Frame ID: DA10ED9D6B49972CE23B157391380129
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FEFBBEB1B9C0E8232992F2568F6E6B5D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://twinstrangers.com/ HTTP 302
https://twinstrangers.net/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/polyfill\.min\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

126
Requests

100 %
HTTPS

59 %
IPv6

27
Domains

33
Subdomains

31
IPs

4
Countries

3203 kB
Transfer

5438 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/twin_strangers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/twinstrangersofficial

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCeiNMDTRFR_QTiVHLYlufEw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://twinstrangers.com/ HTTP 302
https://twinstrangers.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://sb.scorecardresearch.com/b?c1=7&c2=34213477&c3=1&ns__t=1618759361722&ns_c=UTF-8&cv=3.5&c8=find%20my%20look-a-like%2C%20my%20face%20double%2C%20doppelganger%20or%20my%20face%20match&c7=https%3A%2F%2Ftwinstrangers.net%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34213477&c3=1&ns__t=1618759361722&ns_c=UTF-8&cv=3.5&c8=find%20my%20look-a-like%2C%20my%20face%20double%2C%20doppelganger%20or%20my%20face%20match&c7=https%3A%2F%2Ftwinstrangers.net%2F&c9=

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 115

https://d.agkn.com/pixel/2175/?google_gid=CAESEPcqRQStAJIqtRCR1neqeTY&google_cver=1&google_push=AQvitUJzI-uw02QfhXQIrIesL9SIeTV_D7n6BfbUklLdFsU6Od7BzsnBRpXcbtjYW7wGGRGEkv6WyuJDou6UhNkdrvgbSQH5iTU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJzI-uw02QfhXQIrIesL9SIeTV_D7n6BfbUklLdFsU6Od7BzsnBRpXcbtjYW7wGGRGEkv6WyuJDou6UhNkdrvgbSQH5iTU&google_hm=Q0FFU0VQY3FSUVN0QUpJcXRSQ1IxbmVxZVRZ

Request Chain 116

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKQBycDmAl4SU90bNCqWUmOfPz_IOjKIGBWrYZQhhzdB3UftxVGXMv0vLezVLgvXzAdOROSAMIIXiRz4rsb74hIijY3Y6G_&google_gid=CAESEOBMlCz1j0XKmrNUPN7w-5Q&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKQBycDmAl4SU90bNCqWUmOfPz_IOjKIGBWrYZQhhzdB3UftxVGXMv0vLezVLgvXzAdOROSAMIIXiRz4rsb74hIijY3Y6G_&google_gid=CAESEOBMlCz1j0XKmrNUPN7w-5Q&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTgxNTIyNDMzMzg3MTUxNzgzMzg3Mg%3D%3D&google_push=AQvitUKQBycDmAl4SU90bNCqWUmOfPz_IOjKIGBWrYZQhhzdB3UftxVGXMv0vLezVLgvXzAdOROSAMIIXiRz4rsb74hIijY3Y6G_

Request Chain 117

https://rtb.openx.net/sync/dds?google_gid=CAESEDZy3i99MvwoiooMflVGEGA&google_cver=1&google_push=AQvitUKwiiO-lEmwtCp3ZneotYdwYTX0TAa2v8aWZSjAmF35OO51wvEtxR1zP2CPE24N5FZXQ1AumYpDpWSyw2G2EE3p5BzyxskS HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDZy3i99MvwoiooMflVGEGA&google_cver=1&google_push=AQvitUKwiiO-lEmwtCp3ZneotYdwYTX0TAa2v8aWZSjAmF35OO51wvEtxR1zP2CPE24N5FZXQ1AumYpDpWSyw2G2EE3p5BzyxskS&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKwiiO-lEmwtCp3ZneotYdwYTX0TAa2v8aWZSjAmF35OO51wvEtxR1zP2CPE24N5FZXQ1AumYpDpWSyw2G2EE3p5BzyxskS&google_hm=WQ-h53tKyi0gl6zPdn4K9A==

Request Chain 118

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHd3HTG5ov-vkYrdkfQ8jxo&google_cver=1&google_push=AQvitUK09DC7d9P22UiNTyXyH57R9mkdgJ8Tgu6TX1M0CzmM3AgRSqeokUflAuALNdeIoqleDBlZ6gT6hckUpgfH9K4emfaG_Z78 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHd3HTG5ov-vkYrdkfQ8jxo&google_cver=1&google_push=AQvitUK09DC7d9P22UiNTyXyH57R9mkdgJ8Tgu6TX1M0CzmM3AgRSqeokUflAuALNdeIoqleDBlZ6gT6hckUpgfH9K4emfaG_Z78&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SCyQwqlqQfWXg1gvUxLfhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK09DC7d9P22UiNTyXyH57R9mkdgJ8Tgu6TX1M0CzmM3AgRSqeokUflAuALNdeIoqleDBlZ6gT6hckUpgfH9K4emfaG_Z78

Request Chain 119

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDEM7LqKYtIK6mudbC9CHzk&google_cver=1&google_push=AQvitUKpkltvIqnB8tTCKcq_38JEZMSgrPhMW3KFaqxgWyzZyNj3Ho0gnLSVO2Bs42zayVkJ1P5TEUu5thpO5PmyqBv3VHr32M59 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05OQkoyMEMtMTQtNkFEMQ==&google_push=AQvitUKpkltvIqnB8tTCKcq_38JEZMSgrPhMW3KFaqxgWyzZyNj3Ho0gnLSVO2Bs42zayVkJ1P5TEUu5thpO5PmyqBv3VHr32M59

Request Chain 120

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDnVx_3-GVwSjW2RabbT91g&google_cver=1&google_push=AQvitULTl1ohTgIocop7DNtJsGfz8A6EG63w4SDtuadVDvmVpqZ7ldw2CFlIQ_sJbh4w_UK4Pp4VsySsfNgTj0YOzY5Yt6auIGun HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDnVx_3-GVwSjW2RabbT91g&google_cver=1&google_push=AQvitULTl1ohTgIocop7DNtJsGfz8A6EG63w4SDtuadVDvmVpqZ7ldw2CFlIQ_sJbh4w_UK4Pp4VsySsfNgTj0YOzY5Yt6auIGun&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHxOwrPIgi8IgxHqMxfwfgAABGQAAAIB&google_gid=CAESEDnVx_3-GVwSjW2RabbT91g&google_push=AQvitULTl1ohTgIocop7DNtJsGfz8A6EG63w4SDtuadVDvmVpqZ7ldw2CFlIQ_sJbh4w_UK4Pp4VsySsfNgTj0YOzY5Yt6auIGun&google_cver=1

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

126 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
twinstrangers.net/
Redirect Chain

http://twinstrangers.com/
https://twinstrangers.net/

25 KB
8 KB

194ms
32ms

Document
text/html

52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: cf9a24b1e56bd88f80a6acc2528011b0dff25baa5f8d455c9e3ae3249cbb4336

Request headers

Host: twinstrangers.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 18 Apr 2021 15:22:40 GMT
ETag: "651a-5c040bdb6e8ec-gzip"
Last-Modified: Sun, 18 Apr 2021 15:19:36 GMT
Server: Apache/2.4.7 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 7444
Connection: keep-alive

Redirect headers

Content-Type: text/html; charset=iso-8859-1
Date: Sun, 18 Apr 2021 15:22:40 GMT
Location: https://twinstrangers.net/
Server: Apache/2.4.7 (Ubuntu)
Content-Length: 292
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 18ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:200,100,400,300,500,700%7CRoboto+Condensed:400,300,700%7CRaleway:400,300,500,600,700&subset=latin,latin-ext

Requested by

Host: twinstrangers.net
URL: https://twinstrangers.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bf885e0c0a280c547e8073d944feb59edbe0d3b33c18e39c5b9c7dbacb9d3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 15:22:40 GMT
server: ESF
date: Sun, 18 Apr 2021 15:22:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Apr 2021 15:22:40 GMT

GET
H/1.1 200
OK jquery-2.1.4.min.js Show response
twinstrangers.net/js/ 82 KB
29 KB 172ms
57ms Script
application/javascript 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/js/jquery-2.1.4.min.js
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Aug 2015 14:52:43 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1497d-51d469aa564c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29541

GET
H/1.1 200
OK functions.js Show response
twinstrangers.net/js/ 16 KB
5 KB 148ms
32ms Script
application/javascript 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/js/functions.js
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 02e69f228e1c94f59b38885b064e43d3df5a74030ee73eac2b4617f7f1a33d1f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2018 17:30:38 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "40e7-563247052cb80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5235

GET
H/1.1 200
OK jquery-ui.min.css
twinstrangers.net/ui/ 31 KB
8 KB 34ms
32ms Stylesheet
text/css 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/ui/jquery-ui.min.css
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2016 15:34:06 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "7d4c-53c7975a4d780-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7893

GET
H/1.1 200
OK jquery-ui.min.js Show response
twinstrangers.net/ui/ 248 KB
67 KB 178ms
60ms Script
application/javascript 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/ui/jquery-ui.min.js
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2016 15:34:06 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "3dee5-53c7975a4d780-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
transfer-encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.ui.touch-punch.min.js Show response
twinstrangers.net/ui/ 5 KB
2 KB 154ms
32ms Script
application/javascript 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/ui/jquery.ui.touch-punch.min.js
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: e0ec73f7426cc42a1ec204365eaf74a1abb553dda7699e3a387229e3e6f1b79f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Dec 2016 05:39:29 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "13d0-54438b16b2640-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1415

GET
H/1.1 200
OK ts6.css
twinstrangers.net/ 33 KB
8 KB 66ms
32ms Stylesheet
text/css 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/ts6.css
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: a9e3c80197ed24e9c9aad319699de1b45ac989c9599f0ea7af4879d167fc9072

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Mar 2021 01:21:13 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "82d0-5bc6f6efcb440-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7697

GET
H/1.1 200
OK font-awesome.css
twinstrangers.net/css/ 28 KB
6 KB 98ms
32ms Stylesheet
text/css 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/css/font-awesome.css
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 95cfd277c45ba4d9722d84e7f4ac17af9937ca4010d08eca819a8fb98b305991

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Sep 2015 10:25:00 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "7001-51ec114339700-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5715

GET
H/1.1 200
OK remodal.css
twinstrangers.net/vendor/remodal/ 2 KB
971 B 130ms
31ms Stylesheet
text/css 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/vendor/remodal/remodal.css
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 9c0fd6631ad1eaee4b09018118d627f78785823ab339df91869878c10b8c1751

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Feb 2020 17:02:40 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "6a5-59e8c2c560c00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 668

GET
H/1.1 200
OK remodal-website-theme.css
twinstrangers.net/vendor/remodal/ 8 KB
2 KB 140ms
29ms Stylesheet
text/css 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/vendor/remodal/remodal-website-theme.css
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: e98e911f27c13161575bf31220b077b28b8cae53534c3bc0faaba2db5d138b36

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 15:57:48 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1e7d-5b258a4632f4b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1854

GET
H/1.1 200
OK remodal.min.js Show response
twinstrangers.net/vendor/remodal/ 8 KB
3 KB 162ms
31ms Script
application/javascript 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/vendor/remodal/remodal.min.js
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: cab326ef144c8e6a9324a63e287c900827960cc08c2d9ec027d670a6bc1d4983

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Feb 2020 17:02:41 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1e96-59e8c2c654e40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2679

GET
H/1.1 200
OK home_m.jpg
twinstrangers.net/img_new/ 98 KB
98 KB 34ms
32ms Image
image/jpeg 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/img_new/home_m.jpg
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: d87165233cefdc238524de7ddc09242695cc075d970055d846e35fa3a924c594

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Mon, 16 Oct 2017 15:33:56 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "186c1-55babbc0c2100"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100033

GET
H/1.1 200
OK ib.jpg
twinstrangers.net/img_new/ 7 KB
7 KB 35ms
33ms Image
image/jpeg 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/img_new/ib.jpg
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 745cc4cf097045c73a327372b412dd80b2074ea9916c074a89c7d0c55e660747

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Mon, 12 Dec 2016 18:16:44 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1cf3-5437a1b247b00"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7411

GET
H/1.1 200
OK x2.png
twinstrangers.net/img_new/ 725 B
977 B 35ms
33ms Image
image/png 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/img_new/x2.png
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 7d8ead9ee56f9e41a67a2058fb71df3ebb222af1de6db401923b96d68f59a003

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Wed, 11 Oct 2017 09:11:20 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "2d5-55b41ce8e7e00"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 725

GET
H/1.1 200
OK io.jpg
twinstrangers.net/img_new/ 7 KB
7 KB 34ms
32ms Image
image/jpeg 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/img_new/io.jpg
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 408598ee27fe5fab8a9662803036c15b9532b7f7fdeabbb07dce58aa7a0c7fd9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Mon, 12 Dec 2016 17:57:47 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1cb7-54379d75f3cc0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7351

GET
H/1.1 200
OK v2.png
twinstrangers.net/img_new/ 780 B
1 KB 31ms
29ms Image
image/png 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/img_new/v2.png
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: c10758fa6ec88f82a02e559cc6ffc81ff9a6c1c2e1104e0788a5114eeaa42dd4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Wed, 11 Oct 2017 09:11:22 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "30c-55b41cead0280"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 780

GET
H/1.1 200
OK exif.js Show response
twinstrangers.net/js/ 40 KB
9 KB 31ms
31ms Script
application/javascript 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/js/exif.js
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 771ee484eaae30f95c918f2b48511c4af9e430071b452c24063390b49b4e6074

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Oct 2017 14:20:27 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "9e06-55be70ec640c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9215

GET
H/1.1 200
OK binaryajax.js Show response
twinstrangers.net/js/ 6 KB
2 KB 30ms
30ms Script
application/javascript 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/js/binaryajax.js
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: caaffdeae228f27576869949080436493244162ba71ce4ebcd517b45292670f8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Oct 2017 14:16:44 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "172a-55be7017b8b00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1734

GET
H/1.1 200
OK Irene-and-Niamh_3.jpg
twinstrangers.net/files/UserFiles/ 61 KB
62 KB 32ms
31ms Image
image/jpeg 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/files/UserFiles/Irene-and-Niamh_3.jpg
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 53375f1a79864ba28dd70df8975c3eb257fba1652e896a70776e70f359f7b730

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Wed, 02 Dec 2015 11:13:53 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "f56b-525e85e9bf04c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62827

GET
H/1.1 200
OK texas2.jpg
twinstrangers.net/files/UserFiles/ 21 KB
21 KB 40ms
39ms Image
image/jpeg 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/files/UserFiles/texas2.jpg
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: abaf774051f4582a5cc90f6ca8f16265025fc531de92ddef56c81f6e69cf900a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Tue, 01 Dec 2015 12:23:27 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "530c-525d5398e42cc"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21260

GET
H/1.1 200
OK germany.jpg
twinstrangers.net/files/UserFiles/ 25 KB
25 KB 58ms
57ms Image
image/jpeg 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/files/UserFiles/germany.jpg
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 5dfee0890129d1ee1728c13e33487260e77cf37c318c9c2bff3607b31821184d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Tue, 01 Dec 2015 11:48:55 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "62d7-525d4be13aa4c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25303

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: twinstrangers.net
URL: https://twinstrangers.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48646
x-xss-protection: 0
server: cafe
etag: 9885252380620520250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 18 Apr 2021 15:22:41 GMT

GET
H/1.1 404
File Not Found file55abcb021e9bc.201507191706
twinstrangers.net/files/ 13 KB
13 KB 50ms
49ms Image
text/html 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/files/file55abcb021e9bc.201507191706
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.29
Resource Hash: 6b619ec5c39d8c8830b4087e53aa3a346098d8cf7f36e117ca2b07f302e05c2a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 4617

GET
H/1.1 404
File Not Found file55abcb0f7466b.201507191706
twinstrangers.net/files/ 13 KB
13 KB 48ms
47ms Image
text/html 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/files/file55abcb0f7466b.201507191706
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.29
Resource Hash: 6534677c13320bd3779c6611fd560a35dbee7eb223bc6a5135acfc91a46f14f9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 4622

GET
H/1.1 404
File Not Found file55abcb1dae6a3.201507191706
twinstrangers.net/files/ 13 KB
13 KB 51ms
50ms Image
text/html 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/files/file55abcb1dae6a3.201507191706
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.29
Resource Hash: 0fe47edaf3880462802c94453d000aa844b2f1e6c4c3407be86a49062255f7ae

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 4622

GET
H/1.1 404
File Not Found file55abcb2c1e811.201507191707
twinstrangers.net/files/ 13 KB
13 KB 50ms
50ms Image
text/html 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/files/file55abcb2c1e811.201507191707
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.29
Resource Hash: 29ca530de35ebdfe63b1eb0e301c872948ddfff784f35259d104c2f669573291

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/
Connection: keep-alive
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Content-Encoding: gzip
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 4620

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,100,400,300,500,700%7CRoboto+Condensed:400,300,700%7CRaleway:400,300,500,600,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://twinstrangers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 497213
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:48 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,100,400,300,500,700%7CRoboto+Condensed:400,300,700%7CRaleway:400,300,500,600,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://twinstrangers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
age: 19143
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 O-qLmqO8SBk Show response
www.youtube.com/embed/ Frame 3140 51 KB
21 KB 53ms
53ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/O-qLmqO8SBk?rel=0

Requested by

Host: twinstrangers.net
URL: https://twinstrangers.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f106ac03a61d6673e50d8843004e1aeba07e118e3a596ed07c0c6e217ebde9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/O-qLmqO8SBk?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://twinstrangers.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://twinstrangers.net/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Apr 2021 15:22:41 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=n1aAqZlID60; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=7CNPHFJI3Nw; Domain=.youtube.com; Expires=Fri, 15-Oct-2021 15:22:41 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+740; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK b2.png
twinstrangers.net/img_new/ 224 B
475 B 64ms
35ms Image
image/png 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twinstrangers.net/img_new/b2.png
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/ts6.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 5068c120c4f0d23bc271f424ce2a93cc33ebbcaef08010e5ac5a90c220d5160b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://twinstrangers.net/ts6.css
Connection: keep-alive
Referer: https://twinstrangers.net/ts6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Mon, 09 Oct 2017 20:18:43 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "e0-55b22e59f6ec0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 224

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,100,400,300,500,700%7CRoboto+Condensed:400,300,700%7CRaleway:400,300,500,600,700&subset=latin,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://twinstrangers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 497213
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:48 GMT

GET
H3-29 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 46 KB
46 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,100,400,300,500,700%7CRoboto+Condensed:400,300,700%7CRaleway:400,300,500,600,700&subset=latin,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://twinstrangers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 10:38:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 276259
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Fri, 15 Apr 2022 10:38:22 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:200,100,400,300,500,700%7CRoboto+Condensed:400,300,700%7CRaleway:400,300,500,600,700&subset=latin,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://twinstrangers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 39558
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:23:23 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
twinstrangers.net/fonts/ 55 KB
56 KB 36ms
33ms Font
application/octet-stream 52.212.104.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://twinstrangers.net/fonts/fontawesome-webfont.woff2
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/css/font-awesome.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.104.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-104-44.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://twinstrangers.net
Accept-Encoding: gzip, deflate, br
Host: twinstrangers.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://twinstrangers.net/css/font-awesome.css
Connection: keep-alive
Origin: https://twinstrangers.net
Referer: https://twinstrangers.net/css/font-awesome.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 15:22:41 GMT
Last-Modified: Fri, 14 Aug 2015 14:52:35 GMT
Server: Apache/2.4.7 (Ubuntu)
Connection: keep-alive
Accept-Ranges: bytes
ETag: "ddcc-51d469a2b52c0"
Content-Length: 56780

GET
H2 200 fwn.js Show response
asset.fwcdn1.com/js/ 359 KB
108 KB 60ms
12ms Script
application/javascript 192.229.221.102
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.fwcdn1.com/js/fwn.js
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.102 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E96) /
Resource Hash: 84627f8f42fc391a1bd3779771a425e304bce1a62036b84b1a48300b74a07c54

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
age: 174334
x-cache: HIT
x-amz-request-id: EWJPWSFVX02CAHHN
x-amz-id-2: hKwewvW0GkOnJOOC8Ot7xiwB3khcoyC8MZl7zmNEWg4ROPU74M1Y+dgiqNiI+PoSeMMW+1SoV5k=
accept-ranges: bytes
last-modified: Fri, 16 Apr 2021 14:54:00 GMT
server: ECAcc (frc/8E96)
etag: "52090291dc0e4109a1b21bb625c95cdd+gzip"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-env: prod
content-length: 109938
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: twinstrangers.net
URL: https://twinstrangers.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 5179
date: Sun, 18 Apr 2021 13:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sun, 18 Apr 2021 15:56:22 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 26ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: twinstrangers.net
URL: https://twinstrangers.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acb0132addd6826d976f133ea5706da5a83dc1746e1220804892653e305e1b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: a2FmMdaYTbs25tSQjH6cxQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: vIMsmon+ms465gNeTV9Bjb0qtlyREwrkLySlTkJ07cfW6COcjs8LswTMn2fdV/S00mS1PrZlT7zox3OrU7yQfg==
x-fb-trip-id: 917726464
x-fb-content-md5: 69bc85e913aabb7d3177606dfe8b4bcd
x-frame-options: DENY
date: Sun, 18 Apr 2021 15:22:41 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "faec2a92ed98c64487a377fe50594afa"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Apr 2021 15:26:40 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/ 222 KB
83 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4165455515453548&plah=twinstrangers.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84747
x-xss-protection: 0
server: cafe
etag: 7950800710615234990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Apr 2021 15:22:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/ Frame 9014 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210414/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://twinstrangers.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://twinstrangers.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 18 Apr 2021 14:17:37 GMT
expires: Sun, 02 May 2021 14:17:37 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 3904
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 16ms
16ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1938907799&t=pageview&_s=1&dl=https%3A%2F%2Ftwinstrangers.net%2F&ul=en-us&de=UTF-8&dt=find%20my%20look-a-like%2C%20my%20face%20double%2C%20doppelganger%20or%20my%20face%20match&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2141207864&gjid=894024051&cid=588177719.1618759361&tid=UA-92882576-1&_gid=479603330.1618759361&_r=1&_slc=1&z=1723819295

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://twinstrangers.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/e0d06a61/ Frame 3140 355 KB
52 KB 20ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e0d06a61/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af519e8dc403523c3eae4761e1266ccde896aca39668ca1e1e8b2486e4d70072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 00:18:36 GMT
server: sffe
age: 39557
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53712
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:23:24 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/ Frame 3140 184 KB
65 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2cf5e546a2d6c8aeeba1c9e5e12d7d2ead31a0f403fb095b0415e153704a229

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 05:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 00:18:36 GMT
server: sffe
age: 34175
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66775
x-xss-protection: 0
expires: Mon, 18 Apr 2022 05:53:06 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/ Frame 3140 2 MB
2 MB 30ms
27ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af336d8d11cf599464400feea639b946743f4289c440c2aa9b95553a311e7db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:46:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 00:18:36 GMT
server: sffe
age: 38182
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1649914
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:46:19 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e0d06a61/fetch-polyfill.vflset/ Frame 3140 8 KB
8 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e0d06a61/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 03:48:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 00:18:36 GMT
server: sffe
age: 41677
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0
expires: Mon, 18 Apr 2022 03:48:04 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3140 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 19143
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 216 KB
64 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8a2235370b28bdbc0e29d37bca992ecf&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

132a291273e28876fa9f0964fa177b63dfd0bcbf4bc38a98aa422ed8dced5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://twinstrangers.net
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gy/QQMuqcPRtnPJli89HiQ==
cross-origin-resource-policy: cross-origin
expires: Mon, 18 Apr 2022 13:05:38 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65488
x-fb-rlafr: 0
x-fb-debug: 8y9c+gc4Zjah0Dv5qj26o0YtSvlXdi/jBqTMixO4iz93dljjc3X82OW7aFFdcnvaVtT2JCMyjUd2AylYh9boAA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4386966ba091a8dd6b12f1101495ed5a
date: Sun, 18 Apr 2021 15:22:41 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "460bb0acc93c303b0126bbfa73b41c63"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

POST
H2 200 system:page_load
p2.fwpixel.com/trk/ 2 B
103 B 579ms
184ms Ping
text/plain 52.89.203.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.fwpixel.com/trk/system:page_load
Requested by: Host: asset.fwcdn1.com
URL: https://asset.fwcdn1.com/js/fwn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.203.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-203-78.us-west-2.compute.amazonaws.com
Software: openresty/1.19.3.1 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryuSbUgrJ5ZBUDxTwj

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
cache-control: no-store
server: openresty/1.19.3.1
content-type: text/plain

POST
H2 200 rum
r1.fwpixel.com/ 2 B
103 B 570ms
182ms Ping
text/plain 34.213.103.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r1.fwpixel.com/rum?app_id=MoFdXYQOWMRf522QJXks-ZPEFpjndpBO&publisher_id=MoFdXYQOWMRf522QJXks-ZPEFpjndpBO&widget_id=8d34c486&t=RENDER_STARTED&start=0&duration=764
Requested by: Host: asset.fwcdn1.com
URL: https://asset.fwcdn1.com/js/fwn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.103.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-103-174.us-west-2.compute.amazonaws.com
Software: openresty/1.19.3.1 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
cache-control: no-store
server: openresty/1.19.3.1
content-type: text/plain

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 16 KB
4 KB 42ms
13ms Script
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Array.from%2CArray.isArray%2CArray.prototype.entries%2CArray.prototype.every%2CArray.prototype.fill%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.flat%2CArray.prototype.forEach%2CArray.prototype.includes%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CArray.prototype.some%2CArray.prototype.values%2CArrayBuffer%2CBlob%2Cconsole%2CCustomEvent%2CDataView%2CDate.now%2CDate.prototype.toISOString%2Cdocument%2CElement%2CEvent%2Cfetch%2CFloat32Array%2CFunction.prototype.bind%2CIntersectionObserver%2CJSON%2ClocalStorage%2CMap%2Cmodernizr:es5object%2CNumber.isNaN%2CObject.assign%2CObject.entries%2CObject.freeze%2CObject.getOwnPropertyDescriptors%2CObject.getOwnPropertySymbols%2CObject.isFrozen%2CObject.seal%2CObject.setPrototypeOf%2CObject.values%2CPromise%2CReflect%2CReflect.construct%2CrequestAnimationFrame%2CrequestIdleCallback%2CResizeObserver%2CSet%2CString.prototype.includes%2CString.prototype.startsWith%2CString.prototype.trim%2CString.prototype.padEnd%2CSymbol%2CSymbol.for%2CSymbol.iterator%2CSymbol.prototype.description%2CSymbol.toStringTag%2CUint16Array%2CUint8Array%2CURL%2CURLSearchParams%2CWeakMap%2CWeakSet%2CXMLHttpRequest&flags=gated&callback=_fwnRender_io

Requested by

Host: asset.fwcdn1.com
URL: https://asset.fwcdn1.com/js/fwn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b4b3a9b081e2e0f94ef29fa2e178577d05395af6e118a80516b1ace351d28f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://twinstrangers.net
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3950716
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 3814
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Mar 2021 20:00:16 GMT
date: Sun, 18 Apr 2021 15:22:41 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
646 B 65ms
40ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=twinstrangers.net&callback=_gfp_s_&client=ca-pub-4165455515453548

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4165455515453548&plah=twinstrangers.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0917478e285e0a1e16b09f35b2742013a4f5d1f7745798834729490a20074110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=twinstrangers.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=twinstrangers.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftwinstrangers.net%2F&tn=DIV&id=thecookie&ign=false

Requested by

Host: twinstrangers.net
URL: https://twinstrangers.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 802F 3 KB
578 B 55ms
53ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&adk=1812271804&adf=3025194257&lmt=1618759176&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftwinstrangers.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361198&bpp=12&bdt=329&idt=119&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3488678658280&frm=20&pv=2&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7286b1941387f286b7ea7e4146b9281a5e49b1e0899ea98275b002c92e89e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4165455515453548&output=html&adk=1812271804&adf=3025194257&lmt=1618759176&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftwinstrangers.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361198&bpp=12&bdt=329&idt=119&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3488678658280&frm=20&pv=2&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=142
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://twinstrangers.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://twinstrangers.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 18 Apr 2021 15:22:41 GMT
server: cafe
content-length: 555
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Apr-2021 15:37:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Apr 2021 15:22:41 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Sun, 18 Apr 2021 15:22:41 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CCAE 67 KB
23 KB 880ms
880ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bdd45e452fcab9d44cbfbe971a675518112869f9b186b9875a91b23fb94d976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://twinstrangers.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://twinstrangers.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 18 Apr 2021 15:22:42 GMT
server: cafe
content-length: 23589
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Apr-2021 15:37:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Apr 2021 15:22:42 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 688B 78 KB
25 KB 671ms
671ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=1655883257&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361216&bpp=1&bdt=347&idt=151&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C550x280&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=96MNCXUqpN&p=https%3A//twinstrangers.net&dtd=155

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a046dbdf81b8f78043d82a4243cdbd2997998dc765a69cd4d7e637c9816a0b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=1655883257&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361216&bpp=1&bdt=347&idt=151&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C550x280&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=96MNCXUqpN&p=https%3A//twinstrangers.net&dtd=155
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://twinstrangers.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://twinstrangers.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 18 Apr 2021 15:22:42 GMT
server: cafe
content-length: 25575
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Apr-2021 15:37:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Apr 2021 15:22:42 GMT
cache-control: private

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 3140 113 B
161 B 39ms
38ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79bbfc3ed64143c866de7402c48e0d2b3d4fb6c52ec0fa99221595109cdaf162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3140 29 B
91 B 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 697
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sun, 18 Apr 2021 15:26:04 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/ Frame 3140 97 KB
32 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

604d02a10c9e776c28d7a9631a306927de98251b72736b5bd8b2284df63c63aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 14:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 00:18:36 GMT
server: sffe
age: 261194
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32747
x-xss-protection: 0
expires: Fri, 15 Apr 2022 14:49:27 GMT

GET
H3-29 200 zY_UvU3K522_KhyzAjOjk0O-FkxaamhSakjON3XM0QY.js Show response
www.google.com/js/th/ Frame 3140 33 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/zY_UvU3K522_KhyzAjOjk0O-FkxaamhSakjON3XM0QY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd8fd4bd4dcae76dbf2a1cb30233a39343be164c5a6a68526a48ce3775ccd106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 09:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:00:00 GMT
server: sffe
age: 19431
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12723
x-xss-protection: 0
expires: Mon, 18 Apr 2022 09:58:50 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/ Frame 3140 24 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb842642e425e5e5f6dc2081cb23fd9b0358b7486a37c0bd42b64bb9734dc9e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 14:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 00:18:36 GMT
server: sffe
age: 261184
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7769
x-xss-protection: 0
expires: Fri, 15 Apr 2022 14:49:37 GMT

GET
DATA 200
OK truncated
/ Frame 3140 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwng6iqvgXAGH0Z1lVuirtNFoFr4trexsYySV-i2X=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3140 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwng6iqvgXAGH0Z1lVuirtNFoFr4trexsYySV-i2X=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b904b5ec4c3a9172ced462f5213508eec16c632c9f050f9ee3adb8c193614a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 11:38:25 GMT
x-content-type-options: nosniff
age: 13456
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3291
x-xss-protection: 0
server: fife
etag: "vf3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 15 Apr 2021 04:10:42 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/O-qLmqO8SBk/ Frame 3140 27 KB
27 KB 16ms
15ms Image
image/webp 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/O-qLmqO8SBk/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49505dacfd42ff662ec0503229d7435d0433f0afa446f5a4ef6ca8aa4b63e22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
x-content-type-options: nosniff
server: sffe
etag: "1508871204"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27920
x-xss-protection: 0
expires: Sun, 18 Apr 2021 17:22:41 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 96ms
30ms Script
application/javascript 143.204.245.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: asset.fwcdn1.com
URL: https://asset.fwcdn1.com/js/fwn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-56.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:20:47 GMT
via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 115
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: l-CqP4vO2HVpTUVZbS9Aes9EpIRn88xrjIkK7guAjNu3xb_33Qw3HQ==

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=twinstrangers.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=twinstrangers.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5466 73 KB
26 KB 739ms
739ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=60&adk=2499841291&adf=1056458448&pi=t.aa~a.3419507048~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&to=qs&pwprc=8460399179&psa=0&format=1200x60&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361602&bpp=1&bdt=732&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423ababb42a8a4d2-22693a2e29bb00e8%3AT%3D1618759361%3ART%3D1618759361%3AS%3DALNI_MYFwz-lDTY3-l1HYUL3-XVkWmCz6g&prev_fmts=0x0%2C550x280%2C550x280&nras=2&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lP9YpRbUJm&p=https%3A//twinstrangers.net&dtd=9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8baf399fe08ab68060252593173ca88abae2067edd5320c313cefe34cc11cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4165455515453548&output=html&h=60&adk=2499841291&adf=1056458448&pi=t.aa~a.3419507048~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&to=qs&pwprc=8460399179&psa=0&format=1200x60&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361602&bpp=1&bdt=732&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423ababb42a8a4d2-22693a2e29bb00e8%3AT%3D1618759361%3ART%3D1618759361%3AS%3DALNI_MYFwz-lDTY3-l1HYUL3-XVkWmCz6g&prev_fmts=0x0%2C550x280%2C550x280&nras=2&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lP9YpRbUJm&p=https%3A//twinstrangers.net&dtd=9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://twinstrangers.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9K2ioT9X6g6v9cxP0abuOtTp6c_S05PvIgAsyYQyWJKPY7wnXBrObAS2u
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://twinstrangers.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 18 Apr 2021 15:22:42 GMT
server: cafe
content-length: 26680
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3140 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Sun, 18 Apr 2021 15:22:41 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 3140 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?WQpGPA
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 publisher_client Show response
api.fw.tv/embed/v2/ 727 B
811 B 467ms
157ms XHR
application/json 13.248.193.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fw.tv/embed/v2/publisher_client?app_id=MoFdXYQOWMRf522QJXks-ZPEFpjndpBO
Requested by: Host: asset.fwcdn1.com
URL: https://asset.fwcdn1.com/js/fwn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.193.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a65ad14e1963e189f.awsglobalaccelerator.com
Software: Cowboy /
Resource Hash: 5b85b6496f93da620086dc48335d2831518f8270d21ae83df757832bfdca7962

Request headers

Accept: application/json
Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:42 GMT
content-encoding: gzip
server: Cowboy
vary: accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://twinstrangers.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 428
x-request-id: Fnb9EDJW43fKV9wJUf7B

GET
H3-29 204 csi_204
www.youtube.com/ Frame 3140 0
19 B 16ms
16ms Image
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/csi_204?v=2&s=youtube&action=embed&yt_sts=n&is_nav=1&csn=MC4zOTk4NTI5NzI5OTEwNjI1&yt_vis=1&yt_lt=cold&rc=&st=33&cpn=Rthmf94-dufSbIAv&rt=pe.311,srt.54,nreqs.1,nress.54,nrese.55,wffs.148,wffe.159,rsf_pc.147,rse_pc.174,fs.361,ol.589,aft.589,ps.590

Requested by

Host: twinstrangers.net
URL: https://twinstrangers.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34213477&c3=1&ns__t=1618759361722&ns_c=UTF-8&cv=3.5&c8=find%20my%20look-a-like%2C%20my%20face%20double%2C%20doppelganger%20or%20my%20face%20match&c7=https...
https://sb.scorecardresearch.com/b2?c1=7&c2=34213477&c3=1&ns__t=1618759361722&ns_c=UTF-8&cv=3.5&c8=find%20my%20look-a-like%2C%20my%20face%20double%2C%20doppelganger%20or%20my%20face%20match&c7=http...

64 B
331 B

46ms
45ms

Image
image/gif

143.204.245.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34213477&c3=1&ns__t=1618759361722&ns_c=UTF-8&cv=3.5&c8=find%20my%20look-a-like%2C%20my%20face%20double%2C%20doppelganger%20or%20my%20face%20match&c7=https%3A%2F%2Ftwinstrangers.net%2F&c9=
Requested by: Host: twinstrangers.net
URL: https://twinstrangers.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-56.cph50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:41 GMT
via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: vhKsezR4Y2Up0ZtBXaoDqx5F1aVZEV-5Trbk4RmU3GUkNf8zPjSmqw==

Redirect headers

date: Sun, 18 Apr 2021 15:22:41 GMT
via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34213477&c3=1&ns__t=1618759361722&ns_c=UTF-8&cv=3.5&c8=find%20my%20look-a-like%2C%20my%20face%20double%2C%20doppelganger%20or%20my%20face%20match&c7=https%3A%2F%2Ftwinstrangers.net%2F&c9=
content-length: 253
x-amz-cf-id: 5GgYP_jihTuxfyQiqN2sKI6O3TxO6YPScYF-vCTGmAiUskMtfWei0g==

GET
H2 200 13888479120725183486
tpc.googlesyndication.com/simgad/ Frame 688B 16 KB
17 KB 8ms
8ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13888479120725183486?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qliFJHDmNtwvSgo3EUPUbmO02obBg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=1655883257&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361216&bpp=1&bdt=347&idt=151&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C550x280&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=96MNCXUqpN&p=https%3A//twinstrangers.net&dtd=155

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b739164609541673e45dfc78464665a3b92e7826aabbf57c31b5c7466c26dbad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:23:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Jul 2020 06:22:43 GMT
server: sffe
age: 17971
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:23:11 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 688B 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:22:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 688B 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:22:33 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 688B 67 B
188 B 10ms
10ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 22:41:50 GMT
x-content-type-options: nosniff
server: cafe
age: 60052
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sun, 18 Apr 2021 22:41:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 688B 118 KB
36 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sun, 18 Apr 2021 15:22:42 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 688B 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:21:24 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 688B 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRKW_wU58YIjxF_vD7_UPv4iEoAzr7p_TYfv5gcv0C9nZHhABIO7h7mxglQKgAYTr_f4CyAECqQIgAuV8Ixq0PqgDAcgDyQSqBMQBT9C2W2z1GgeouNb_iloyRmiq8xxMIWi8LuZEtstkLPCA52nVPTVpXar3Z4qn18WMd8v8JE9sor8LYg9gSeZjSKKySKGp-19QENYtX5qV2FmHt5NzGu_z2YZ2UG3toRAkk4n0V7G4eAf6NwgsYJeW-09H6wgeFeFCSKSQGQpPEQ1_TkwIwQ1MG_vBKYxwutlMqNjxRGIoUNy-g1NbqMTbV-iu7Tf3YlsIshqUyzp0v0GqVTP0ZDqlRaFo_NtY4jkHlSqAo8AEj6D60f4CkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-SUgoEBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJj_IdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi00MTY1NDU1NTE1NDUzNTQ4&sigh=XU2LhTVoQ5E

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=1655883257&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361216&bpp=1&bdt=347&idt=151&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C550x280&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=96MNCXUqpN&p=https%3A//twinstrangers.net&dtd=155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Apr 2021 15:22:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 688B 25 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 14:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 14:58:24 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6F6E 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=1655883257&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361216&bpp=1&bdt=347&idt=151&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C550x280&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=96MNCXUqpN&p=https%3A//twinstrangers.net&dtd=155
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9K2ioT9X6g6v9cxP0abuOtTp6c_S05PvIgAsyYQyWJKPY7wnXBrObAS2u; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=1655883257&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361216&bpp=1&bdt=347&idt=151&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C550x280&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=810&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=96MNCXUqpN&p=https%3A//twinstrangers.net&dtd=155

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 18 Apr 2021 14:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3557
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6F6E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9K2ioT9X6g6v9cxP0abuOtTp6c_S05PvIgAsyYQyWJKPY7wnXBrObAS2u; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 18 Apr 2021 15:22:42 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 18-Apr-2021 16:22:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Apr 2021 15:22:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 18 Apr 2021 15:22:42 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 688B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dc8ba1a08d461c30474554f156dddcb9eb1e1845ccd1d53b64e1ceaf11f09af

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js Show response
pagead2.googlesyndication.com/bg/ Frame D423 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 17:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 77403
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5655
x-xss-protection: 0
expires: Sun, 17 Apr 2022 17:52:39 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame CCAE 3 KB
578 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 14:14:34 GMT
server: ESF
date: Sun, 18 Apr 2021 15:22:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Apr 2021 15:22:42 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame CCAE 1 KB
909 B 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:19:30 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame CCAE 17 KB
7 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:22:31 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame CCAE 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:19:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCAE 118 KB
36 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sun, 18 Apr 2021 15:22:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame CCAE 13 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:21:24 GMT

GET
H3-29 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame CCAE 25 KB
10 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 17:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 02:07:20 GMT
server: sffe
age: 165656
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 15 Jul 2021 17:21:46 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CCAE 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7frFwU58YJrPFqqtlQfa8o_wBOLj4qVi9Z2EmdsM2dkeEAEg7uHubGCVAqAB1e3NzAPIAQGoAwHIA8sEqgS4AU_QXk_feqFPZ--VJ9SJhUrq5_BH1vqd6xmF1EUJIsDp_PFe1aJ-1QCyIckSLNOuNQ-sWgZ6orO-Lvi2SW1z-9C_CpGvyXMdqlb68pIoDXg8DVTkTa-gWZrjU9S5JtYf-DSTH2Ud3ERjEl5OiVOUXj8AkxPCXnbzZOQRADkr2TuoKYu7Lc8e5ezbF25RNujacMQsCSs013pGj0cvfHC_BQZMgzYqstTNJl6cErziwltC1mSUsNo8ikfABJmR6M-pA5IFBAgEGAGSBQQIBRgEgAfcgtGTAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfw4BuoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJDDK9IICQiA4YAQEAEYH4AKAcgLAdgTDIgUAbIXGgoYCAASFHB1Yi00MTY1NDU1NTE1NDUzNTQ4&sigh=AwQmPLhcQA4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Apr 2021 15:22:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6069 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9K2ioT9X6g6v9cxP0abuOtTp6c_S05PvIgAsyYQyWJKPY7wnXBrObAS2u; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 18 Apr 2021 14:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3557
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CCAE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feee8269068f50711270401920bf14bbde5fdaaee6b3b883d99606481e380578

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CCAE 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 307180
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CCAE 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 19144
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6069
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9K2ioT9X6g6v9cxP0abuOtTp6c_S05PvIgAsyYQyWJKPY7wnXBrObAS2u; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 18 Apr 2021 15:22:42 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 18-Apr-2021 16:22:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Apr 2021 15:22:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 18 Apr 2021 15:22:42 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js Show response
pagead2.googlesyndication.com/bg/ Frame 365D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=280&slotname=2971103570&adk=3836471325&adf=655374624&pi=t.ma~as.2971103570&w=550&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&psa=0&format=550x280&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361210&bpp=4&bdt=340&idt=135&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1638&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=fw5x4wI0QF&p=https%3A//twinstrangers.net&dtd=143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 17:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 77403
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5655
x-xss-protection: 0
expires: Sun, 17 Apr 2022 17:52:39 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5466 6 KB
668 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=60&adk=2499841291&adf=1056458448&pi=t.aa~a.3419507048~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&to=qs&pwprc=8460399179&psa=0&format=1200x60&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361602&bpp=1&bdt=732&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423ababb42a8a4d2-22693a2e29bb00e8%3AT%3D1618759361%3ART%3D1618759361%3AS%3DALNI_MYFwz-lDTY3-l1HYUL3-XVkWmCz6g&prev_fmts=0x0%2C550x280%2C550x280&nras=2&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lP9YpRbUJm&p=https%3A//twinstrangers.net&dtd=9

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 14:39:25 GMT
server: ESF
date: Sun, 18 Apr 2021 15:22:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Apr 2021 15:22:42 GMT

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 5466 30 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ebabf4af74f07fdafe166786cf5f881d9f18f5222579fa1b22f4ae67b55068c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 14:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1904
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12020
x-xss-protection: 0
server: cafe
etag: 7010355083530940861
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 14:50:58 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 5466 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7113
x-xss-protection: 0
server: cafe
etag: 11066897925667386271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:22:31 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 5466 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:19:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5466 118 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sun, 18 Apr 2021 15:22:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 5466 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 May 2021 15:21:24 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5466 0
0 14ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWSmtVe_xj22KNR0rn4KotN0UaT5z8INeZ6yYg4WZDqaYa6zbOMyy0BynoO7teWY-3OqbfCtncQ_CyguKBC6dcJlFm6Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=60&adk=2499841291&adf=1056458448&pi=t.aa~a.3419507048~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&to=qs&pwprc=8460399179&psa=0&format=1200x60&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361602&bpp=1&bdt=732&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423ababb42a8a4d2-22693a2e29bb00e8%3AT%3D1618759361%3ART%3D1618759361%3AS%3DALNI_MYFwz-lDTY3-l1HYUL3-XVkWmCz6g&prev_fmts=0x0%2C550x280%2C550x280&nras=2&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lP9YpRbUJm&p=https%3A//twinstrangers.net&dtd=9
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5466 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUM3ZwU58YJ66JtnK7_UP5KO7WIac9aZikYyM1vsMtsK-3oUCEAEg7uHubGCVAqAB8P6QyAPIAQGpAiAC5XwjGrQ-qAMByAPLBKoEvgFP0IduqaYqvLFZ3JC2rvv72szstgd034-73D_Tf_V5F5fepwG4SGGBm1tR1LTD53GXxVg-pm1I5oDOwLz_WwqRt53DtlxR6n2Yi-bR1e2Yb9dpgQkxxpr_fxkONMyh1BeTU4G9V9XcpE-74WTo6GmZDl196oGNBmCzdeAYrpAhi0isoNYCYhpi3JfqUNVSRyj9CNddunp8_dthB722ZN1GM9o6zjQTOWcEYqyzjTLzSiRb7VuwB79q06q8AkUdwASSoKXEvQOSBQQIBBgBkgUECAUYBIAH-IDvN6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC86zPSCAkIgOGAEBABGB-ACgHICwHYEw2IFAOyFxoKGAgAEhRwdWItNDE2NTQ1NTUxNTQ1MzU0OA&sigh=xcjhRM6vZBg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=60&adk=2499841291&adf=1056458448&pi=t.aa~a.3419507048~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&to=qs&pwprc=8460399179&psa=0&format=1200x60&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361602&bpp=1&bdt=732&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423ababb42a8a4d2-22693a2e29bb00e8%3AT%3D1618759361%3ART%3D1618759361%3AS%3DALNI_MYFwz-lDTY3-l1HYUL3-XVkWmCz6g&prev_fmts=0x0%2C550x280%2C550x280&nras=2&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lP9YpRbUJm&p=https%3A//twinstrangers.net&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 18 Apr 2021 15:22:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 367F 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=60&adk=2499841291&adf=1056458448&pi=t.aa~a.3419507048~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&to=qs&pwprc=8460399179&psa=0&format=1200x60&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361602&bpp=1&bdt=732&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423ababb42a8a4d2-22693a2e29bb00e8%3AT%3D1618759361%3ART%3D1618759361%3AS%3DALNI_MYFwz-lDTY3-l1HYUL3-XVkWmCz6g&prev_fmts=0x0%2C550x280%2C550x280&nras=2&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lP9YpRbUJm&p=https%3A//twinstrangers.net&dtd=9
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9K2ioT9X6g6v9cxP0abuOtTp6c_S05PvIgAsyYQyWJKPY7wnXBrObAS2u; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4165455515453548&output=html&h=60&adk=2499841291&adf=1056458448&pi=t.aa~a.3419507048~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1618759176&rafmt=1&to=qs&pwprc=8460399179&psa=0&format=1200x60&url=https%3A%2F%2Ftwinstrangers.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618759361602&bpp=1&bdt=732&idt=1&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D423ababb42a8a4d2-22693a2e29bb00e8%3AT%3D1618759361%3ART%3D1618759361%3AS%3DALNI_MYFwz-lDTY3-l1HYUL3-XVkWmCz6g&prev_fmts=0x0%2C550x280%2C550x280&nras=2&correlator=3488678658280&frm=20&pv=1&ga_vid=588177719.1618759361&ga_sid=1618759361&ga_hid=1938907799&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739521%2C21068109%2C44740079&oid=3&pvsid=2768005415321091&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lP9YpRbUJm&p=https%3A//twinstrangers.net&dtd=9

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 18 Apr 2021 14:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3557
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 325D 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 18 Apr 2021 03:14:09 GMT
expires: Mon, 19 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 43713
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5466 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30b60c091cd3813422e0fb3c2459e7f10e35e3635f17c1dceff046e54cf8497e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5466 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 497214
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:48 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5466 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 497214
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:48 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 325D 35 B
463 B 33ms
13ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK8PBF4fkhK1t7PHUkktsgM&google_cver=1&google_push=AQvitUIvsp0kb40UNzpk_ugM9_ap_qG5sCvWCI_zSP-zgMltRTktQckkOdaBYD3ak891KkQSOMLMWxYmGbUMDpU09nSeR2HKPoC2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 325D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEPcqRQStAJIqtRCR1neqeTY&google_cver=1&google_push=AQvitUJzI-uw02QfhXQIrIesL9SIeTV_D7n6BfbUklLdFsU6Od7BzsnBRpXcbtjYW7wGGRGEkv6WyuJDou6UhNkdrvgbSQH5iTU
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJzI-uw02QfhXQIrIesL9SIeTV_D7n6BfbUklLdFsU6Od7BzsnBRpXcbtjYW7wGGRGEkv6WyuJDou6UhNkdrvgbSQH5iTU&google_hm=Q0FFU0VQY3FSUVN0QUpJcX...

170 B
188 B

32ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJzI-uw02QfhXQIrIesL9SIeTV_D7n6BfbUklLdFsU6Od7BzsnBRpXcbtjYW7wGGRGEkv6WyuJDou6UhNkdrvgbSQH5iTU&google_hm=Q0FFU0VQY3FSUVN0QUpJcXRSQ1IxbmVxZVRZ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 15:22:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUJzI-uw02QfhXQIrIesL9SIeTV_D7n6BfbUklLdFsU6Od7BzsnBRpXcbtjYW7wGGRGEkv6WyuJDou6UhNkdrvgbSQH5iTU&google_hm=Q0FFU0VQY3FSUVN0QUpJcXRSQ1IxbmVxZVRZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 325D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKQBycD...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKQBycD...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTgxNTIyNDMzMzg3MTUxNzgzMzg3Mg%3D%3D&google_push=AQvitUKQBycDmAl4SU90bNCqWUmOfPz_IOjKIGBWrYZQhhzdB3UftxVGXMv0vLezVLgvXz...

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTgxNTIyNDMzMzg3MTUxNzgzMzg3Mg%3D%3D&google_push=AQvitUKQBycDmAl4SU90bNCqWUmOfPz_IOjKIGBWrYZQhhzdB3UftxVGXMv0vLezVLgvXzAdOROSAMIIXiRz4rsb74hIijY3Y6G_

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTgxNTIyNDMzMzg3MTUxNzgzMzg3Mg%3D%3D&google_push=AQvitUKQBycDmAl4SU90bNCqWUmOfPz_IOjKIGBWrYZQhhzdB3UftxVGXMv0vLezVLgvXzAdOROSAMIIXiRz4rsb74hIijY3Y6G_
Pragma: no-cache
Date: Sun, 18 Apr 2021 15:22:43 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 325D
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDZy3i99MvwoiooMflVGEGA&google_cver=1&google_push=AQvitUKwiiO-lEmwtCp3ZneotYdwYTX0TAa2v8aWZSjAmF35OO51wvEtxR1zP2CPE24N5FZXQ1AumYpDpWSyw2G2EE3p5BzyxskS
https://rtb.openx.net/sync/dds?google_gid=CAESEDZy3i99MvwoiooMflVGEGA&google_cver=1&google_push=AQvitUKwiiO-lEmwtCp3ZneotYdwYTX0TAa2v8aWZSjAmF35OO51wvEtxR1zP2CPE24N5FZXQ1AumYpDpWSyw2G2EE3p5BzyxskS&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKwiiO-lEmwtCp3ZneotYdwYTX0TAa2v8aWZSjAmF35OO51wvEtxR1zP2CPE24N5FZXQ1AumYpDpWSyw2G2EE3p5BzyxskS&google_hm=WQ-h53tKyi0gl6zPdn4K9A==

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKwiiO-lEmwtCp3ZneotYdwYTX0TAa2v8aWZSjAmF35OO51wvEtxR1zP2CPE24N5FZXQ1AumYpDpWSyw2G2EE3p5BzyxskS&google_hm=WQ-h53tKyi0gl6zPdn4K9A==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:42 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKwiiO-lEmwtCp3ZneotYdwYTX0TAa2v8aWZSjAmF35OO51wvEtxR1zP2CPE24N5FZXQ1AumYpDpWSyw2G2EE3p5BzyxskS&google_hm=WQ-h53tKyi0gl6zPdn4K9A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: s57ses7td8j5tgp48ilsk0nva1a96mbi

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 325D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SCyQwqlqQfWXg1gvUxLfhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SCyQwqlqQfWXg1gvUxLfhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK09DC7d9P22UiNTyXyH57R9mkdgJ8Tgu6TX1M0CzmM3AgRSqeokUflAuALNdeIoqleDBlZ6gT6hckUpgfH9K4emfaG_Z78

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SCyQwqlqQfWXg1gvUxLfhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK09DC7d9P22UiNTyXyH57R9mkdgJ8Tgu6TX1M0CzmM3AgRSqeokUflAuALNdeIoqleDBlZ6gT6hckUpgfH9K4emfaG_Z78
Date: Sun, 18 Apr 2021 15:22:42 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 325D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDEM7LqKYtIK6mudbC9CHzk&google_cver=1&google_push=AQvitUKpkltvIqnB8tTCKcq_38JEZMSgrPhMW3KFaqxgWyzZyNj3Ho0gnLSVO2Bs42zayVkJ1P5...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05OQkoyMEMtMTQtNkFEMQ==&google_push=AQvitUKpkltvIqnB8tTCKcq_38JEZMSgrPhMW3KFaqxgWyzZyNj3Ho0gnLSVO2Bs42zayVkJ1P5TEUu5thpO5PmyqBv3VHr32M59

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05OQkoyMEMtMTQtNkFEMQ==&google_push=AQvitUKpkltvIqnB8tTCKcq_38JEZMSgrPhMW3KFaqxgWyzZyNj3Ho0gnLSVO2Bs42zayVkJ1P5TEUu5thpO5PmyqBv3VHr32M59

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05OQkoyMEMtMTQtNkFEMQ==&google_push=AQvitUKpkltvIqnB8tTCKcq_38JEZMSgrPhMW3KFaqxgWyzZyNj3Ho0gnLSVO2Bs42zayVkJ1P5TEUu5thpO5PmyqBv3VHr32M59
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 325D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDnVx_3-GVwSjW2RabbT91g&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDnVx_3-GVwSjW2RabbT91g&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHxOwrPIgi8IgxHqMxfwfgAABGQAAAIB&google_gid=CAESEDnVx_3-GVwSjW2RabbT91g&google_push=AQvitULTl1ohTgIocop7DNtJsGfz8A6EG63w4SDtuadVDvmVpqZ...

170 B
188 B

27ms
27ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHxOwrPIgi8IgxHqMxfwfgAABGQAAAIB&google_gid=CAESEDnVx_3-GVwSjW2RabbT91g&google_push=AQvitULTl1ohTgIocop7DNtJsGfz8A6EG63w4SDtuadVDvmVpqZ7ldw2CFlIQ_sJbh4w_UK4Pp4VsySsfNgTj0YOzY5Yt6auIGun&google_cver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Apr 2021 15:22:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHxOwrPIgi8IgxHqMxfwfgAABGQAAAIB&google_gid=CAESEDnVx_3-GVwSjW2RabbT91g&google_push=AQvitULTl1ohTgIocop7DNtJsGfz8A6EG63w4SDtuadVDvmVpqZ7ldw2CFlIQ_sJbh4w_UK4Pp4VsySsfNgTj0YOzY5Yt6auIGun&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Sun, 18 Apr 2021 15:22:42 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 325D 0
236 B 41ms
14ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L83lEsp3ugGO2xYrkJpv-ffSLx5OGctZr8rzj5d1heCLmNg6sgpq0sxZM1lqUJxl90FuDv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:42 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 26ms
25ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210414&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51f2e7a3c97193bf389cf854f02b36019cafe45afdbc6614624b3ec041496ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 18 Apr 2021 15:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7057
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 367F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm9K2ioT9X6g6v9cxP0abuOtTp6c_S05PvIgAsyYQyWJKPY7wnXBrObAS2u; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 18 Apr 2021 15:22:42 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 18-Apr-2021 16:22:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Apr 2021 15:22:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 18 Apr 2021 15:22:42 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js Show response
pagead2.googlesyndication.com/bg/ Frame DA10 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 17:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 77403
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5655
x-xss-protection: 0
expires: Sun, 17 Apr 2022 17:52:39 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 15:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 18 Apr 2021 15:22:42 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FEFB 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://twinstrangers.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://twinstrangers.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 18 Apr 2021 14:49:04 GMT
expires: Mon, 18 Apr 2022 14:49:04 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2018
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js Show response
pagead2.googlesyndication.com/bg/ Frame FEFB 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 17:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 77403
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5655
x-xss-protection: 0
expires: Sun, 17 Apr 2022 17:52:39 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210414&jk=2768005415321091&bg=!i4iliMzNAAZUuIlwVLg7ACkAdvg8WiQSb63xiyhu9mllPlF1LB5AjbIrUz-LmKVhQGBqrw6m3qpPLQIAAABrUgAAAAxoAQcKAK4VW6QqRxJR76hWcs5oiJH-Dr08KCuLfI9HOaoiaCGIMn47PFQiMkdCc6c_mBplr1RWnvyTCPq42RA3ZMnyEfPpxXR68QvgQViLxjIGCVGehXO0qGRj5S6yhj9CsJBqXkiiddqqIQ1VppAB78yOxWPqxGlk_ifjjIhN13fxWAKo_qyYpwTJJK3RlMTI5jHHV6u9GmUArCE5JnDUXDbK63xNTNUvXW2ix6HEq5xmEGGZAifx5PYTEGYoyHrSJalnH2_L6X8VRxkCtJb_rWyc87Agk76OaTtTz1kAY7jjdR7NQNadr1HBGVbUuesugXJMfKDXDdQvpLgBRmeT0jnsoYSqs0yGzeRiMnEce9kxMM7P1WpcrLHTucNYInmP_8TV5z4ZrI3mvcJK4qOJHwJsiS0JVu3U9iDrO4ie6VOt3S9aSskjwxmbcS3R2CapNzXXVG45oZJeoy97xu4bIx1U0qc6-V_9jZag6nDg0DKn3Bd1q26IbtV0F7Z1T5OYoAttZrcBqcWaMQQS_ptt4oZG9B9ZDq7S-9eiaL5hXP-yYb3BNxsFeJ_eEUoup16fBODh8mbI8_sxlb-8-HxdABrxNNW64tY4puDQEXL0dtPCIj3Mfq2KsiE3GDhgZcHtmUeRUrOQZUAQBIChDsHBTsKnwO1os73tiXsoa3ES7WsII4MrWAF9BrfOfRF6YrWK6SwWVVIIjwo6f7CiMjDRYB3tfVUA7yb0irU17g7_PI7iHGcyRJPRJY5a66lrQvaJbQQlQH68fHXcvT9vGIXpCahXM9OjAC5o4volxqv5bo22QGH9eblFGqsgHWQfQRPdWq83HobnTP6Df-WiSsN7aiqfRwGa-E706kdKR385vLzaiqV-YB7dCt7s07Mu8a2kKa0Xhw0h2g6eGfvyTJE0I2slbhuEs-uiVopBBG6PUkmaZlVJocTIZJc6C-7Yi67o0UxpOv5am8pi3fPM7g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twinstrangers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Apr 2021 15:22:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3140 28 B
191 B 18ms
18ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/O-qLmqO8SBk?rel=0
X-YouTube-Client-Version: 1.20210414.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs3Q05QSEZKSTNOdyjBnfGDBg%3D%3D
X-YouTube-Ad-Signals: dt=1618759361394&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C395%2C255&vis=1&wgl=true&ca_type=image&bid=ANyPxKrvVZP5dlSYuCi-N_G47DguL9kAs3ZMp1uDP36IdfYIScPECxSL0dvuw2MKnpWxZiasMQkG6oCNa0oa18sHgxqNOiOgXw

Response headers

date: Sun, 18 Apr 2021 15:22:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 18 Apr 2021 15:22:51 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 21:58:31	Name: VISITOR_INFO1_LIVE Value: 7CNPHFJI3Nw
.doubleclick.net/	1970-01-20 03:00:55	Name: IDE Value: AHWqTUm9K2ioT9X6g6v9cxP0abuOtTp6c_S05PvIgAsyYQyWJKPY7wnXBrObAS2u
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: n1aAqZlID60
.doubleclick.net/	1970-01-19 17:39:20	Name: test_cookie Value: CheckForPermission
.twinstrangers.net/	1970-01-20 03:00:55	Name: __gads Value: ID=423ababb42a8a4d2-22693a2e29bb00e8:T=1618759361:RT=1618759361:S=ALNI_MYFwz-lDTY3-l1HYUL3-XVkWmCz6g
.doubleclick.net/	1970-01-19 17:39:22	Name: DSID Value: NO_DATA
.twinstrangers.net/	1970-01-20 11:10:31	Name: _ga Value: GA1.2.588177719.1618759361
.twinstrangers.net/	1970-01-19 17:39:19	Name: _gat Value: 1
.twinstrangers.net/	1970-01-19 17:40:45	Name: _gid Value: GA1.2.479603330.1618759361

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://asset.fwcdn1.com/js/fwn.js(Line 9) Message: Widget is sandboxed [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.fw.tv
asset.fwcdn1.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
image6.pubmatic.com
p2.fwpixel.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
polyfill.io
r1.fwpixel.com
rtb.openx.net
sb.scorecardresearch.com
ssum-sec.casalemedia.com
static.doubleclick.net
tpc.googlesyndication.com
twinstrangers.com
twinstrangers.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
13.248.193.180
142.250.186.98
143.204.245.56
172.217.16.130
18.194.113.221
184.30.20.241
185.64.190.78
192.229.221.102
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2002
2a00:1450:4001:800::2016
2a00:1450:4001:808::200e
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2006
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:200::621
34.213.103.174
34.242.7.105
35.186.253.211
52.212.104.44
52.89.203.78
54.149.211.134
69.173.144.139
02e69f228e1c94f59b38885b064e43d3df5a74030ee73eac2b4617f7f1a33d1f
0917478e285e0a1e16b09f35b2742013a4f5d1f7745798834729490a20074110
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdd45e452fcab9d44cbfbe971a675518112869f9b186b9875a91b23fb94d976
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fe47edaf3880462802c94453d000aa844b2f1e6c4c3407be86a49062255f7ae
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
132a291273e28876fa9f0964fa177b63dfd0bcbf4bc38a98aa422ed8dced5905
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
29ca530de35ebdfe63b1eb0e301c872948ddfff784f35259d104c2f669573291
30b60c091cd3813422e0fb3c2459e7f10e35e3635f17c1dceff046e54cf8497e
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
408598ee27fe5fab8a9662803036c15b9532b7f7fdeabbb07dce58aa7a0c7fd9
49505dacfd42ff662ec0503229d7435d0433f0afa446f5a4ef6ca8aa4b63e22e
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
5068c120c4f0d23bc271f424ce2a93cc33ebbcaef08010e5ac5a90c220d5160b
51f2e7a3c97193bf389cf854f02b36019cafe45afdbc6614624b3ec041496ece
53375f1a79864ba28dd70df8975c3eb257fba1652e896a70776e70f359f7b730
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b85b6496f93da620086dc48335d2831518f8270d21ae83df757832bfdca7962
5dfee0890129d1ee1728c13e33487260e77cf37c318c9c2bff3607b31821184d
604d02a10c9e776c28d7a9631a306927de98251b72736b5bd8b2284df63c63aa
6534677c13320bd3779c6611fd560a35dbee7eb223bc6a5135acfc91a46f14f9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b619ec5c39d8c8830b4087e53aa3a346098d8cf7f36e117ca2b07f302e05c2a
6ebabf4af74f07fdafe166786cf5f881d9f18f5222579fa1b22f4ae67b55068c
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745cc4cf097045c73a327372b412dd80b2074ea9916c074a89c7d0c55e660747
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
771ee484eaae30f95c918f2b48511c4af9e430071b452c24063390b49b4e6074
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
79bbfc3ed64143c866de7402c48e0d2b3d4fb6c52ec0fa99221595109cdaf162
7d8ead9ee56f9e41a67a2058fb71df3ebb222af1de6db401923b96d68f59a003
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84627f8f42fc391a1bd3779771a425e304bce1a62036b84b1a48300b74a07c54
8dc8ba1a08d461c30474554f156dddcb9eb1e1845ccd1d53b64e1ceaf11f09af
95cfd277c45ba4d9722d84e7f4ac17af9937ca4010d08eca819a8fb98b305991
95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf885e0c0a280c547e8073d944feb59edbe0d3b33c18e39c5b9c7dbacb9d3f0
9c0fd6631ad1eaee4b09018118d627f78785823ab339df91869878c10b8c1751
a046dbdf81b8f78043d82a4243cdbd2997998dc765a69cd4d7e637c9816a0b54
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2cf5e546a2d6c8aeeba1c9e5e12d7d2ead31a0f403fb095b0415e153704a229
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a9e3c80197ed24e9c9aad319699de1b45ac989c9599f0ea7af4879d167fc9072
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
abaf774051f4582a5cc90f6ca8f16265025fc531de92ddef56c81f6e69cf900a
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
acb0132addd6826d976f133ea5706da5a83dc1746e1220804892653e305e1b87
af336d8d11cf599464400feea639b946743f4289c440c2aa9b95553a311e7db4
af519e8dc403523c3eae4761e1266ccde896aca39668ca1e1e8b2486e4d70072
b4b3a9b081e2e0f94ef29fa2e178577d05395af6e118a80516b1ace351d28f55
b739164609541673e45dfc78464665a3b92e7826aabbf57c31b5c7466c26dbad
b8baf399fe08ab68060252593173ca88abae2067edd5320c313cefe34cc11cc1
b904b5ec4c3a9172ced462f5213508eec16c632c9f050f9ee3adb8c193614a8f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c10758fa6ec88f82a02e559cc6ffc81ff9a6c1c2e1104e0788a5114eeaa42dd4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
caaffdeae228f27576869949080436493244162ba71ce4ebcd517b45292670f8
cab326ef144c8e6a9324a63e287c900827960cc08c2d9ec027d670a6bc1d4983
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd8fd4bd4dcae76dbf2a1cb30233a39343be164c5a6a68526a48ce3775ccd106
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf9a24b1e56bd88f80a6acc2528011b0dff25baa5f8d455c9e3ae3249cbb4336
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87165233cefdc238524de7ddc09242695cc075d970055d846e35fa3a924c594
dad2ac3f093b8cdcca3bfce4fb4d0d7c2e72bd3247ea05ec5e383559d4c3a77f
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e0ec73f7426cc42a1ec204365eaf74a1abb553dda7699e3a387229e3e6f1b79f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7286b1941387f286b7ea7e4146b9281a5e49b1e0899ea98275b002c92e89e28
e98e911f27c13161575bf31220b077b28b8cae53534c3bc0faaba2db5d138b36
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f106ac03a61d6673e50d8843004e1aeba07e118e3a596ed07c0c6e217ebde9b5
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fb842642e425e5e5f6dc2081cb23fd9b0358b7486a37c0bd42b64bb9734dc9e4
feee8269068f50711270401920bf14bbde5fdaaee6b3b883d99606481e380578

twinstrangers.net Open in urlscan Pro 52.212.104.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

100 %HTTPS

59 %IPv6

27 Domains

33 Subdomains

31 IPs

4 Countries

3203 kBTransfer

5438 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

twinstrangers.net Open in urlscan Pro
52.212.104.44 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

100 %
HTTPS

59 %
IPv6

27
Domains

33
Subdomains

31
IPs

4
Countries

3203 kB
Transfer

5438 kB
Size

9
Cookies

126 HTTP transactions
5 data transactions