urlscan.io logo urlscan.io
SecurityTrails logo

sqworl.com Open in urlscan Pro
104.236.103.127  Public Scan

Go To Rescan Add Verdict Report
URL: http://sqworl.com/5d7lsd
Submission: On September 12 via manual from RU — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 5 countries across 21 domains to perform 100 HTTP transactions. The main IP is 104.236.103.127, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is sqworl.com.
This is the only time sqworl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.236.103.127 14061 (DIGITALOC...)
1 142.250.185.74 15169 (GOOGLE)
5 142.250.186.98 15169 (GOOGLE)
2 169.150.247.37 60068 (CDN77 ^_^)
1 52.222.214.46 ()
3 146.75.116.84 54113 (FASTLY)
1 172.217.18.10 15169 (GOOGLE)
1 151.139.128.10 20446 (STACKPATH...)
1 172.217.18.3 15169 (GOOGLE)
2 157.240.251.9 32934 (FACEBOOK)
1 93.184.220.66 15133 (EDGECAST)
2 142.250.185.174 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
3 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
7 172.217.16.194 15169 (GOOGLE)
1 151.101.1.44 54113 (FASTLY)
3 192.229.233.25 15133 (EDGECAST)
1 169.150.247.39 60068 (CDN77 ^_^)
9 151.101.65.44 54113 (FASTLY)
2 108.177.15.155 15169 (GOOGLE)
1 216.58.206.40 15169 (GOOGLE)
1 2 178.250.1.11 44788 (ASN-CRITE...)
1 141.226.124.48 200478 (TABOOLA-AS)
2 104.244.42.8 13414 (TWITTER)
1 142.250.185.196 15169 (GOOGLE)
2 142.250.186.131 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 216.239.32.36 15169 (GOOGLE)
1 151.101.64.84 54113 (FASTLY)
8 95.101.148.20 16625 (AKAMAI-AS)
2 104.123.44.23 16625 (AKAMAI-AS)
4 142.250.186.129 15169 (GOOGLE)
2 142.250.186.66 15169 (GOOGLE)
13 23.35.224.23 16625 (AKAMAI-AS)
2 23.216.77.36 20940 (AKAMAI-ASN1)
100 37
9    104.236.103.127 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sqworl.com
1    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
fonts.googleapis.com
5    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
2    169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-37.bunnyinfra.net
cdn.iubenda.com
1    52.222.214.46 (None, )

ASN- ()
image.thum.io
3    146.75.116.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
assets.pinterest.com
1    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net
ajax.googleapis.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
1    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
fonts.gstatic.com
2    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
www.google-analytics.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
7    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
googleads.g.doubleclick.net
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
3    192.229.233.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    169.150.247.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-39.bunnyinfra.net
www.iubenda.com
9    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
pips.taboola.com
2    108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net
stats.g.doubleclick.net
1    216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f8.1e100.net
www.googletagmanager.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
2    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
2    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.google.ch
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    151.101.64.84 (United States)

ASN54113 (FASTLY, US)
log.pinterest.com
8    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.123.44.23 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-123-44-23.deploy.static.akamaitechnologies.com
warp.media.net
4    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googletagservices.com
13    23.35.224.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-224-23.deploy.static.akamaitechnologies.com
lg3.media.net
hblg.media.net
2    23.216.77.36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-36.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
Apex Domain
Subdomains		 Transfer
23 media.net
contextual.media.net — Cisco Umbrella Rank: 719
warp.media.net — Cisco Umbrella Rank: 2827
lg3.media.net — Cisco Umbrella Rank: 7788
hblg.media.net — Cisco Umbrella Rank: 2335
209 KB
11 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1069
trc.taboola.com — Cisco Umbrella Rank: 626
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3496
pips.taboola.com — Cisco Umbrella Rank: 1634
228 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 47
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
42 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
254 KB
9 sqworl.com
sqworl.com
36 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 4270
r.skimresources.com — Cisco Umbrella Rank: 4091
t.skimresources.com — Cisco Umbrella Rank: 4285
p.skimresources.com — Cisco Umbrella Rank: 5610
21 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1154
syndication.twitter.com — Cisco Umbrella Rank: 1386
149 KB
4 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3484
log.pinterest.com — Cisco Umbrella Rank: 4759
20 KB
3 iubenda.com
cdn.iubenda.com — Cisco Umbrella Rank: 13333
www.iubenda.com — Cisco Umbrella Rank: 62644
34 KB
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2349
592 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
114 KB
2 google.ch
www.google.ch — Cisco Umbrella Rank: 25073
515 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2787
658 B
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
416 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 186
90 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
ajax.googleapis.com — Cisco Umbrella Rank: 419
96 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1183
602 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
81 KB
1 gstatic.com
fonts.gstatic.com
36 KB
1 thum.io
image.thum.io
100 21
Domain Requested by
9 sqworl.com sqworl.com
8 contextual.media.net sqworl.com
contextual.media.net
googleads.g.doubleclick.net
7 lg3.media.net googleads.g.doubleclick.net
contextual.media.net
sqworl.com
7 cdn.taboola.com s.skimresources.com
cdn.taboola.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
sqworl.com
6 hblg.media.net googleads.g.doubleclick.net
sqworl.com
5 pagead2.googlesyndication.com sqworl.com
pagead2.googlesyndication.com
www.googletagservices.com
4 tpc.googlesyndication.com sqworl.com
4 platform.twitter.com sqworl.com
platform.twitter.com
3 t.skimresources.com sqworl.com
s.skimresources.com
3 assets.pinterest.com sqworl.com
assets.pinterest.com
2 qsearch-a.akamaihd.net sqworl.com
2 www.googletagservices.com sqworl.com
2 warp.media.net sqworl.com
2 www.google.ch sqworl.com
2 syndication.twitter.com platform.twitter.com
sqworl.com
2 trc.taboola.com cdn.taboola.com
2 gum.criteo.com 1 redirects sqworl.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 p.skimresources.com sqworl.com
2 www.google-analytics.com sqworl.com
www.google-analytics.com
2 connect.facebook.net sqworl.com
connect.facebook.net
2 cdn.iubenda.com sqworl.com
cdn.iubenda.com
1 pips.taboola.com cdn.taboola.com
1 log.pinterest.com sqworl.com
1 region1.analytics.google.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.com sqworl.com
1 ch-trc-events.taboola.com sqworl.com
1 www.googletagmanager.com www.google-analytics.com
1 www.iubenda.com cdn.iubenda.com
1 r.skimresources.com s.skimresources.com
1 fonts.gstatic.com fonts.googleapis.com
1 s.skimresources.com sqworl.com
1 ajax.googleapis.com sqworl.com
1 image.thum.io sqworl.com
1 fonts.googleapis.com sqworl.com
100 37

This site contains links to these domains. Also see Links.

Domain
dreamtig.com
www.iubenda.com
Subject Issuer Validity Valid
thum.io
Amazon RSA 2048 M02		 2023-09-07 -
2024-10-04		 a year crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-22 -
2023-09-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh

This page contains 17 frames:

Primary Page: http://sqworl.com/5d7lsd
Frame ID: 27EEF8AE6E858E78CF58D0E2624AA243
Requests: 57 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4405122576885143
Frame ID: FCB5ACA5CEB2464218A79ACB18733184
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Frame ID: 1AE1C255ECE56CA9F1E9D031A378EA38
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fsqworl.com
Frame ID: 5B2244B1D5824A08169347D044B8E420
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&h=280&slotname=6709750226&adk=397385836&adf=1684144924&pi=t.ma~as.6709750226&w=728&fwrn=4&fwrnh=100&lmt=1694541521&rafmt=1&format=728x280&url=http%3A%2F%2Fsqworl.com%2F5d7lsd&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1694548721162&bpp=2&bdt=1326&idt=661&shv=r20230911&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&correlator=5797483029467&frm=20&pv=2&ga_vid=404129918.1694548721&ga_sid=1694548722&ga_hid=897379440&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44798878%2C44759876%2C44759927%2C44798321&oid=2&pvsid=3963666929942203&tmod=1401286723&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AXuDFFlrSg&p=http%3A//sqworl.com&dtd=677
Frame ID: 7EC3C325F0A8D9215E90A97874207767
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&adk=1812271804&adf=3025194257&lmt=1694541521&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fsqworl.com%2F5d7lsd&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&dt=1694548721178&bpp=2&bdt=1342&idt=665&shv=r20230911&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=5797483029467&frm=20&pv=1&ga_vid=404129918.1694548721&ga_sid=1694548722&ga_hid=897379440&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44798878%2C44759876%2C44759927%2C44798321&oid=2&pvsid=3963666929942203&tmod=1401286723&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=676
Frame ID: C6B281C8B3202C48E02954C0B4AEA09C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: B59372672DB7877AB96E26E99EE7170D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Frame ID: 89971A0641D627C5AC38CCBF72492983
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Frame ID: 39FF11D4DE24F54ABF214B921EDE90D3
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUF4MSM6&ydspr=1
Frame ID: 0BA94D30510EE806D2218620A4EE5C86
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUF4MSM6&ydspr=1
Frame ID: 1A9230E946BC0B4B0B799A3F55B2E201
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2607&&kkdd=A!%7Ch%7CuH*A3n9&69=NiE2m2!tZZi8tiZNqZN&X1Va=N&C*VO=8&S16=N8tq&b*SQ=dZm2&S91=!zF02I(Ii&SVS1=e1mC1_1tzznC7u_a-~aS9x%3D%3D&Sa91=!iqqqmNqi&*9fQ=Ni8Wi88&SS=z)&*S=B)&SKjC=)w_I-cH&V91=!T-_.)5BH&bV91=uN7qii!&KbbV*=N&aaa=*zlu7tURVO0D98mU89GmpnnVjcN0P9IRHLVM0nQhF!S%3D&j*Q=m&R~=N&MX1=2&O1bN=!zF(ootFq&O1bZ=ZZqtq2q2i&D1ObO=vDWsRQj%3DNNttvDKV%3D8vD91%3D8r8i8vDWsOjSQ*b3a%3DN!pqgZ8pqvDWsO*j%3Dqq8qvDWsQWV%3D8vDWsX9j*M%3D8vDWs9jbC1%3D8vDWsaK%3D2t.7xVL!)JvDWsaVS%3D888888NvDWs*9fQ%3DNi8Wi88vDWsbCOW%3DZm8vDWsbCRs*MUU9W%3D%2FvS9bh%3DJ7dI-cup(F_pdwF(wcc7vSPsUR%3D8v1S%3DXSVpQMp~Q*bNpDv1CCs1N%3D8v1CCs1N8%3D8v1CCs1NZ%3DNv1CCs1N2%3D8v1CCs1Nm%3DNv1CCs1Ni%3Dqv1CCs1Nt%3D8v1CCs1N!%3D!mv1CCs1NE%3D888Nv1CCs1Z%3Duv1CCs1ZN%3DpNv1CCs1ZZ%3D8r8Zv1CCs1Z2%3Dmv1CCs1Zm%3D1QUs1QUv1CCs1Z!%3Dmv1CCs1ZE%3D8r88v1CCs1q%3D8v1CCs1q8%3D8v1CCs1qZ%3D8v1CCs1qq%3D8v1CCs1qi%3Dcwv1CCs1qt%3Duv1CCs12%3DN8v1CCs128%3D8v1CCs12Z%3D8v1CCs12q%3D8v1CCs122%3DVa31v1CCs12m%3D8v1CCs12i%3D_v1CCs1mN%3D8v1CCs1mZ%3D8r88v1CCs1mi%3D8v1CCs1t%3D8v1CCs1!%3D8v1CCsR%3D8r8ZEv1CCsCN%3D8r8ZEv1CCsCN8%3DNr888v1CCsCNN%3D8rEitv1CCsCNZ%3D8rNE!v1CCsCNq%3DNr888v1CCsCN2%3DNr888v1CCsCNm%3DNr8N8v1CCsCNi%3D8rN88v1CCsCZ%3D8rN2iv1CCsCZN%3DNr888v1CCsCZq%3DNr888v1CCsCZ2%3DNr888v1CCsCZm%3DNr888v1CCsCZE%3DNr888v1CCsCq%3DNr888v1CCsCq8%3DNr888v1CCsCqZ%3D8r8N8v1CCsCq2%3DNr888v1CCsCqE%3DN2r888v1CCsC28%3DN2r888v1CCsCm%3DNr888v1CCsCmZ%3D8r!E8v1CCsCmq%3D8rm88v1CCsCm2%3Dmr888v1CCsCmm%3D8rm88v1CCsCmt%3DNr888v1CCsCmE%3D8rmtmv1CCsCi%3D8rmtmv1CCsCt%3D8rq2mv1CCsCE%3DNr888v1CCsa%3D8rN88vQsaVC%3D8r8ZEvQaVC%3D8r8ZEvKS%3D8%20%2B%208v9KO%3D8v9bhVQ%3Dw.YvasSS%3Dz)vas9V%3D!qrtirNZEr8vas*S%3D0_5J-F_lvaD3%3DmsqvaQUsSjb%3D8v*QRRQasbOXs91%3DO*~9UbsqsK3*bv*b1%3DO*~9UbsqsK3*bv6Da%3D8v69*9D9R9bh%3DNvSD1V%3D8r8q!v9bhVQs91%3DNtv*QRRQasbOXs91%3DO*~9UbsqsK3*bv*MVVRhsbOXs91%3Dv1QbQSbQ1sbOXs91%3DO*~9UbsqsK3*bv69Q~OD9R9bh%3D8r!EvV3*%3DNvOSsbhVQ%3DNvO1DRP%3DN!NZZtN!8qvOCV%3DNv3XD91%3D8r8i8vDURa%3D8r8N8v*M91%3Dv1bS%3DQMsDQv1CCsQaVC%3DUOR*Qv1CC%3DKOaC3jhvD1VSOV1%3D8v1ORX%3DMj9*3jNZv*3DV%3DvW91%3Dw.YpVMDptNqEtiE2Z!i8t2ZqvKbCR%3DNvO1sV3*%3D%7B%22b%22%3AN%2C%22V%22%3A2%7Dv1SMb%3Dqmv13XD%3D8pNvQSVsM*Q1%3DDQR3~sGm8vQSVsVm8%3D8r!8!qtvQSVsVtm%3DNrZtm!!v9DS%3DNv&jb6=8&CCC=VNzCEQFq31P_ic8moUlcFc((3~sa8Qau&9~=8&9j5Ua=N&D1a51=2iZ&CSU=iEm8i&h1*Va=N&DOQ=J2OcfcO%2FXX&PObVaQ=N&PObD91=pN8q&SO13CO9j=bf_pKdSRpdp)(Kc2ZpMMU1jm-YKZ9z8ciG1qZh25(SL4-)LsPhL3fX%3D%3D&9*91=m&O16=5j6Q*b3a%2003SM*&VX91=VNm2iqNqqZmbZ8Zq8ENZNEm!&**R1=%7B%22**9V%22%3A%22!qrtirNZEr8%22%2C%22**SS%22%3A%22z)%22%2C%22***S%22%3A%220a9D3MaX%22%2C%22**Sbh%22%3A%22ROM*OjjQ%22%7D&KbCR*aS=N&ure=1
Frame ID: A3F6D80E3B5BE27B84FD6BFDC6AEC8FD
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUF4MSM6&https=1&itype=CM
Frame ID: EE0F64850DC8363EAC875FBD723CF21A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUSWW7U3&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C132%2C462%2C4%2C3016%2C313%2C238%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1
Frame ID: F826702DDDB645820CF5ECCCA6C8454A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2599&&kkdd=A!%7C3%7C9Hn*A&666=K.D6Pwa9tu)bZE*0xvkEaE33tfYq*wqi&F-=.ZPA0ARzcccc90*Z0.A&VuKq=.&6NKQ=*&_uF=.*z9&7N_w=lc0A&_-u=RDaUAW3WZ&_K_u=Hu06ubuzDDh6Xibqjfq_-8%3D%3D&_q-u=RZ9990.9Z&N-Cw=.Z*(Z**&__=D1&N_=o1&_2B6=1GbWjEM&K-u=R5jby1eoM&7K-u=i.X9ZZR&277KN=.&qqq=NDkiXzvJKQUn-*0v*-g0IhhKBE.U)-WJM!KTUhwraR_%3D&BNw=0&Jf=.&TVu=A&Qu7.=RDa3xxza9&Qu7c=cc9z9A9AZ&nuQ7Q=mn(YJwB%3D..z.mn2K%3D*mn-u%3D*4*c*mn(YQB_wN7tq%3D.RI9sc*I9mn(YQNB%3D99*9mn(Yw(K%3D*mn(YV-BNT%3D*mn(Y-B76u%3D*mn(Yq2%3DAzyX8K!R1Lmn(YqK_%3D**.***.mn(YN-Cw%3D.Z*(Z**mn(Y76Q(%3Dc0*mn(Y76JYNTvv-(%3D%2Fm_-7r%3DLXlWjEiI3abIlGa3GEEXm_)YvJ%3D*mu_%3DV_KIwTIfwN7.Inmu66Yu.%3D*mu66Yu.*%3D*mu66Yu.c%3D.mu66Yu.A%3D*mu66Yu.0%3D.mu66Yu.Z%3D9mu66Yu.z%3D*mu66Yu.R%3DR0mu66Yu.P%3D***.mu66Yuc%3Dimu66Yuc.%3DI.mu66Yucc%3D*4*.mu66YucA%3D0mu66Yuc0%3DuwvYuwvmu66YucR%3D0mu66YucP%3D*4**mu66Yu9%3D*mu66Yu9*%3D*mu66Yu9c%3D*mu66Yu99%3D*mu66Yu9Z%3DEGmu66Yu9z%3Dimu66YuA%3D.*mu66YuA*%3D*mu66YuAc%3D*mu66YuA9%3D*mu66YuAA%3DKqtumu66YuA0%3D*mu66YuAZ%3Dbmu66Yu0.%3D*mu66Yu0c%3D*4**mu66Yu0Z%3D*mu66Yuz%3D*mu66YuR%3D*mu66YJ%3D*4*.*mu66Y6.%3D*4**Pmu66Y6.*%3D.4***mu66Y6..%3D*4PZzmu66Y6.c%3D*4*Rcmu66Y6.9%3D.4***mu66Y6.A%3D.4***mu66Y6.0%3D.4*.*mu66Y6.Z%3D*4*Rcmu66Y6c%3D*4.czmu66Y6c.%3D.4***mu66Y6c9%3D.4***mu66Y6cA%3D.4***mu66Y6c0%3D.4***mu66Y6cP%3D.4***mu66Y69%3D.4***mu66Y69*%3D.4***mu66Y69c%3D*4*.*mu66Y69A%3D.4***mu66Y69P%3D.A4***mu66Y6A*%3D.A4***mu66Y60%3D.4***mu66Y60c%3D*4RP*mu66Y609%3D*40**mu66Y60A%3D04***mu66Y600%3D*40**mu66Y60z%3D.4***mu66Y60P%3D*4c9Rmu66Y6Z%3D*4c9Rmu66Y6z%3D*49AAmu66Y6P%3D.4***mu66Yq%3D*4*RcmwYqK6%3D*4**PmwqK6%3D*4**Pm2_%3D*%20%2B%20*m-2Q%3D*m-7rKw%3DGyOmqY__%3DD1mqY-K%3DR94zZ4.cP4*mqYN_%3Dpymqnt%3D0Y9mqwvY_B7%3D*mNwJJwqY7QVY-u%3DQNf-v7Y*Y2tN7mN7u%3DQNf-v7Y*Y2tN7mFnq%3D*mF-N-n-J-7r%3D.m_nuK%3D*4*.Am-7rKwY-u%3D.zmNwJJwqY7QVY-u%3DQNf-v7Y*Y2tN7mNTKKJrY7QVY-u%3Dmuw7w_7wuY7QVY-u%3DQNf-v7Y*Y2tN7mF-wfQn-J-7r%3D*4RPmKtN%3D.mQ_Y7rKw%3D.mQunJ)%3D.R.ccz.R*AmQ6K%3D.mtVn-u%3D*4*c*mnvJq%3D*4*.*mNT-u%3Dmu7_%3DwTYnwmu66YwqK6%3DvQJNwmu66%3D2Qq6tBrmnuK_QKu%3D*muQJV%3DuwvQTJ7mNtnK%3Dm(-u%3DGyOIKTnIz.9PzZPAcRZ*zAc9m276J%3D.mQuYKtN%3D%7B%227%22%3A*%2C%22K%22%3AA%7Dmu_T7%3D9*mutVn%3D*I.mw_KYTNwu%3DnwJtfYg0*mw_KYK0*%3D*4zRPA9mw_KYKz0%3D.4A09ZZm-n_%3D.m&B7F=*&-f=*&-Bevq=.&nuqeu=AZc&6_v=ZP0*Z&ruNKq=.&nQw=LAQECEQ%2FVV&)Q7Kqw=.&)Q7n-u=I.*9&_Qut6Q-B=7CbI2l_JIlI132EAcITTvuB0jO2c-D*EZgu9crAe3_!pj1!Y)r!tCV%3D%3D&-N-u=0&QuF=eBFwN7tq%20Ut_TN&KV-u=K.0AZ9.99c07c*c9*P.c.P0R&NNJu=%7B%22NN-K%22%3A%22R94zZ4.cP4*%22%2C%22NN__%22%3A%22D1%22%2C%22NNN_%22%3A%22py%22%2C%22NN_7r%22%3A%22JQTNQBBw%22%7D&Kwqv=.&276JNq_=.&ure=1
Frame ID: 52A11E9FCA9BFC8E01B1C7C1B40212C4
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUF4MSM6&https=1&itype=CM
Frame ID: 37C7E135929B36A99E7F6E8CE0419ED1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUSWW7U3&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C132%2C462%2C4%2C3016%2C313%2C238%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1
Frame ID: 8E4C3776DF45ACAD53A0003A4E1337D4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sqworl | Visual Bookmarks for Educators | Sqworl

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • iubenda\.com/cookie-solution/confs/js/
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

100
Requests

74 %
HTTPS

0 %
IPv6

21
Domains

37
Subdomains

37
IPs

5
Countries

1434 kB
Transfer

4320 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png HTTP 307
  • https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Request Chain 10
  • http://assets.pinterest.com/js/pinit.js HTTP 307
  • https://assets.pinterest.com/js/pinit.js
Request Chain 16
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 19
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 39
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

100 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 5d7lsd
sqworl.com/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
e65924215524ab5ecc9cf5370aab6a8296fdb74c463022dd2b970b8a41232464

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3876
Content-Type
text/html
Date
Tue, 12 Sep 2023 19:48:03 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.7 (Ubuntu)
Vary
Accept-Encoding
X-Powered-By
PHP/5.5.9-1ubuntu4.22
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Nunito:400,300,700
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
00ec85c0cc06a8b7b7a6414d218d2b5c80b4c8d5e65a1fee03b9a48ed1c232d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:58:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Tue, 12 Sep 2023 19:58:40 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Tue, 12 Sep 2023 19:58:40 GMT
style.css
sqworl.com/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/css/style.css?v=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
46e5365ad8d0b582339cfdcdb3c58df70a9b6f042b29545090b5ad192fcfc31f

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/5d7lsd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:48:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Aug 2016 18:23:14 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"568b-53a0c357cf903-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4677
tipsy.css
sqworl.com/css/ 		2 KB
865 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/css/tipsy.css
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
0889308c17c381d319d123a50a0aaafa256f57c667e1309510a90311edf404eb

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/5d7lsd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:48:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 02:17:48 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"876-50a6014fe3772-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
530
media.css
sqworl.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/css/media.css
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
06ec94c6f183b0450ee88b453cc5dcf08708d666c87a76c6d48dda51b0d6886a

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/5d7lsd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:48:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Mar 2017 20:16:18 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"cec-54a01739347c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
822
modernizr-2.6.2.min.js
sqworl.com/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/js/modernizr-2.6.2.min.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/5d7lsd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:48:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 02:17:56 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"3c36-50a60156e46f2-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6246
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d5e7d7480f5f79ef3fead301dcf49022894752e12e3c3f5a03ba09d162c4b641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:58:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
53714
X-XSS-Protection
0
Server
cafe
ETag
16787395743857131660
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Tue, 12 Sep 2023 19:58:40 GMT
iubenda_cs.js
cdn.iubenda.com/cookie_solution/safemode/ 		237 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
3a585399acea802506b248a0f83926def3bc57198d35a8e48dadd149c556f2b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:58:41 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
1080
Transfer-Encoding
chunked
P3P
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
CDN-CachedAt
09/08/2023 11:10:32
CDN-PullZone
954456
Connection
keep-alive
Last-Modified
Fri, 08 Sep 2023 10:12:02 GMT
Server
BunnyCDN-DE1-1080
CDN-ProxyVer
1.04
CDN-RequestPullCode
200
ETag
"64faf372-d6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
CDN-Cache
HIT
CDN-Uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
Cache-Control
public, max-age=3600
CDN-RequestId
b10c98788e97261f6295df8348c57fce
CDN-RequestCountryCode
CH
CDN-Status
200
CDN-RequestPullSuccess
True
sqworl_logo.png
sqworl.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sqworl.com/img/sqworl_logo.png
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
13f69fb9d246edd6b451b2b31124dcf540a2612bb5b5ddf0be757e812cb03525

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/5d7lsd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:48:04 GMT
Last-Modified
Fri, 19 Dec 2014 17:27:57 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"322c-50a9507a07b7b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12844
/
image.thum.io/get/auth/57215-sqworl/width/200/crop/900/noanimate/https://dreamtig.com/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.thum.io/get/auth/57215-sqworl/width/200/crop/900/noanimate/https://dreamtig.com/
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.46 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:46 GMT
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-disposition
inline; filename= "image..jpg"
thum_status_code
200
x-amz-cf-id
PfEKay8tjbfTvQQOQdA2uiRVhAlrhYx1PmTNLVVEcfqZdHGgVsYVYg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pinit_fg_en_rect_gray_20.png
assets.pinterest.com/images/pidgets/
Redirect Chain
  • http://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
  • https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
908 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Server
146.75.116.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:41 GMT
x-cdn
fastly
etag
"8a25277cfdf72f8f916b4cdc34052149"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Origin
cache-control
max-age=86400
alt-svc
h3=":443";ma=600
content-length
908

Redirect headers

Location
https://assets.pinterest.com/images/pidgets/pinit_fg_en_rect_gray_20.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
pinit.js
assets.pinterest.com/js/
Redirect Chain
  • http://assets.pinterest.com/js/pinit.js
  • https://assets.pinterest.com/js/pinit.js
361 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Server
146.75.116.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:41 GMT
content-encoding
br
x-cdn
fastly
etag
"62d32c28f14783b94192cd8d35bc010d"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=300
alt-svc
h3=":443";ma=600
content-length
203

Redirect headers

Location
https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f10.1e100.net
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 07:58:46 GMT
X-Content-Type-Options
nosniff
Age
129594
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
95786
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 10 Sep 2024 07:58:46 GMT
jquery.tipsy.js
sqworl.com/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/js/jquery.tipsy.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/5d7lsd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:48:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 02:17:55 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"263b-50a6015669632-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2712
jquery.infieldlabel.min.js
sqworl.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sqworl.com/js/jquery.infieldlabel.min.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/5d7lsd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:48:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Dec 2014 02:17:54 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"6c8-50a601558f9d2-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
761
30768X884129.skimlinks.js
s.skimresources.com/js/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s.skimresources.com/js/30768X884129.skimlinks.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
22da01693f4a80c11dbf4f02d3ecc9a0f0cf9a000f7d72ff0b40e475f4fa0eec

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:58:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2023 14:55:38 GMT
Server
AmazonS3
x-amz-request-id
9CVEXB2XJHK9N2P2
ETag
"4bd4be92faee4cd3355615d9575e2512"
X-HW
1694548720.cds221.fr8.h2,1694548720.cds247.fr8.c
Content-Type
application/octet-stream
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19530
x-amz-id-2
1HByOTZkZE6qCmKqg1FM0I0nv5bMJqaiFI3myo9+MNIV/c8zjq51YJzJnr+P1C+0l/hPf141+UM=
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Nunito:400,300,700
Protocol
HTTP/1.1
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://sqworl.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 08 Sep 2023 20:42:05 GMT
X-Content-Type-Options
nosniff
Age
342995
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
35904
X-XSS-Protection
0
Last-Modified
Mon, 18 Jul 2022 19:34:47 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 07 Sep 2024 20:42:05 GMT
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
1f02861111cc7739ffb33ad5dacdd437a04d8bf2a49a1112e3bf2a736d0ef0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Sep 2023 19:58:41 GMT
content-md5
Z8dYnVw5BnytLJE2MH6U8A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-debug
EYH449HQZbUrcVrttPHJLFDtOnwVitxEtL5LCjwsDRtEIAEX37sVv4gzkfGKf3SqrntLYY7Dr3xpzQlAou+Crg==
x-fb-content-md5
7e4b44a42b7fd14ba8443a8fd8e1799a
cross-origin-opener-policy
same-origin-allow-popups
etag
"7b34a7a2985acd8eed68a867a49fe93d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 12 Sep 2023 20:09:23 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&appId=1393466737546175&version=v2.0
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:58:41 GMT
Content-Encoding
gzip
Age
1430
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/674D)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gear-bg-24.png
sqworl.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sqworl.com/img/gear-bg-24.png
Requested by
Host: sqworl.com
URL: http://sqworl.com/css/style.css?v=1
Protocol
HTTP/1.1
Server
104.236.103.127 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
0c4a1f78c32fa975cccbc35ac2fc2cf186506b408f3256f039d820e456597de0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/css/style.css?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:48:04 GMT
Last-Modified
Wed, 17 Dec 2014 02:17:56 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"6c1-50a6015779d92"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1729
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Sep 2023 19:44:21 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
860
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Sep 2023 21:44:21 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
/
r.skimresources.com/api/ 		162 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
0bda864afbffb20a6b73690725ba43bff5c701fd29bb02bd3dcce2c00bacde9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 12 Sep 2023 19:58:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://sqworl.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
robots.txt
t.skimresources.com/api/v2/ Frame FCB5 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4405122576885143
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:41 GMT
via
1.1 google
cache-control
private, no-store
server
Python/3.10 aiohttp/3.8.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=1&rn=9.264361603677694
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date
Tue, 12 Sep 2023 19:58:40 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
Content-Length
43
Content-Type
image/gif
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=2&rn=9.264361603677694
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date
Tue, 12 Sep 2023 19:58:40 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
Content-Length
43
Content-Type
image/gif
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
1b1f73e179c24870a8c0637a9742bd3dfd86ca76767a0a2cd3f11293219dce2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131766
x-xss-protection
0
server
cafe
etag
16969237885086992029
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 19:58:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/ Frame 1AE1 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42598
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 08:08:43 GMT
etag
8554266389219770021
expires
Tue, 26 Sep 2023 08:08:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
page
t.skimresources.com/api/v2/ 		22 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:41 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
http://sqworl.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link
t.skimresources.com/api/v2/ 		22 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:41 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
http://sqworl.com
warning
299 - "Deprecated API"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
loader.js
cdn.taboola.com/libtrc/skimlinks-publishers/ 		149 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/30768X884129.skimlinks.js
Protocol
HTTP/1.1
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
afec3f17cba6217cc5a0353cf739bddf81ffc1a9d02783c7ce6f593436ebdaea

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FybW3I6D0EG6lMCVe._9ddUXvVgG4Hzz
content-encoding
gzip
Via
1.1 varnish
Date
Tue, 12 Sep 2023 19:58:41 GMT
x-amz-request-id
323XTQC0HXHC1AEV
Age
161
x-amz-server-side-encryption
AES256
X-Cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
6
x-amz-replication-status
FAILED
Connection
keep-alive
Content-Length
44806
x-amz-id-2
uQan3O35W5SZZ4uSk83Ni3zhOqXDynO12nYAX7NrbYcfR/2PNehlBg1syJk1Sbl2OSbd8m/UNpU=
X-Served-By
cache-fra-etou8220051-FRA
last-modified
Tue, 12 Sep 2023 17:11:45 UTC
Server
nginx
X-Timer
S1694548721.292619,VS0,VE1
etag
"039ff502b86157df5f7861c16ec46ba16fd71bb5"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
28
Cache-Control
private,max-age=14400
Accept-Ranges
bytes
X-Cache-Hits
1
core-fcf8c9eac36aece9d290934b54a63296.js
cdn.iubenda.com/cookie_solution/iubenda_cs/ 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js
Requested by
Host: cdn.iubenda.com
URL: http://cdn.iubenda.com/cookie_solution/safemode/iubenda_cs.js
Protocol
HTTP/1.1
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
3883953ece04ad3f10b29882c2d75b7dfed7c4fc3a2505063b78cb6549038645

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:58:41 GMT
Content-Encoding
gzip
CDN-EdgeStorageId
1080
Transfer-Encoding
chunked
P3P
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
CDN-CachedAt
09/08/2023 09:44:32
CDN-PullZone
954456
Connection
keep-alive
Last-Modified
Fri, 08 Sep 2023 07:59:19 GMT
Server
BunnyCDN-DE1-1080
CDN-ProxyVer
1.04
CDN-RequestPullCode
200
ETag
"64fad457-7e3c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
CDN-Cache
HIT
CDN-Uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
Cache-Control
public, max-age=31536000
CDN-RequestId
e026365eb3de696dd26d9d67f360864a
CDN-RequestCountryCode
CH
CDN-Status
200
CDN-RequestPullSuccess
True
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 5B22 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fsqworl.com
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2294678
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Sep 2023 19:58:41 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6795)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
380745.js
www.iubenda.com/cookie-solution/confs/js/ 		89 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.iubenda.com/cookie-solution/confs/js/380745.js
Requested by
Host: cdn.iubenda.com
URL: http://cdn.iubenda.com/cookie_solution/iubenda_cs/core-fcf8c9eac36aece9d290934b54a63296.js
Protocol
HTTP/1.1
Server
169.150.247.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-39.bunnyinfra.net
Software
BunnyCDN-DE1-1082 /
Resource Hash
06f1bd029bb57ef9b4aace3a36a730983913dee2d416b55cae48dc435e20c765
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 18 Aug 2023 12:05:07 GMT
Date
Tue, 12 Sep 2023 19:58:41 GMT
Strict-Transport-Security
max-age=63072000
CDN-EdgeStorageId
1081
CDN-CachedAt
08/18/2023 11:05:07
CDN-PullZone
966339
Connection
keep-alive
Content-Length
89
Last-Modified
Fri, 18 Aug 2023 10:22:50 GMT
Server
BunnyCDN-DE1-1082
CDN-ProxyVer
1.04
CDN-RequestPullCode
200
ETag
"64df467a-59"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
CDN-Cache
HIT
CDN-Uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
Cache-Control
public, max-age=3600
Access-Control-Allow-Credentials
true
CDN-RequestId
afb2e9600d3d122aae17d8bae0b640fe
Accept-Ranges
bytes
CDN-RequestCountryCode
CH
CDN-Status
200
CDN-RequestPullSuccess
True
pinit_main.js
assets.pinterest.com/js/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.6916903786576216
Requested by
Host: assets.pinterest.com
URL: http://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.116.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:41 GMT
content-encoding
br
x-cdn
fastly
etag
"3725764cf05d1a0938de73d398772331"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=300
alt-svc
h3=":443";ma=600
content-length
18679
sdk.js
connect.facebook.net/en_US/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=99eeffb4412b9d2441cbcc362110145c
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
efd4ae80092c8345f01a795ce02311a8344603761183e6b5cb8a8792ec58cae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://sqworl.com/
Origin
http://sqworl.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Sep 2023 19:58:41 GMT
content-md5
U1bPBJe60b8YUaJJcIwPxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88948
x-fb-debug
db2yMs5zRl3Tuap+K7PVOgSNfo/0wtQL0huUPmr5h2wbSpzPXOObjQoRzmNbYQ/zUuuz3j5qCTl4u6kW8301Eg==
x-fb-content-md5
cc6d0eb9f9b9732d6f6cb0ff8c547d52
cross-origin-opener-policy
same-origin-allow-popups
etag
"854a0b7fab580994ca67e46a6bff1f6c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 11 Sep 2024 18:46:29 GMT
collect
www.google-analytics.com/j/ 		16 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=897379440&t=pageview&_s=1&dl=http%3A%2F%2Fsqworl.com%2F5d7lsd&ul=en-us&de=UTF-8&dt=Sqworl%20%7C%20Visual%20Bookmarks%20for%20Educators%20%7C%20Sqworl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1364706282&gjid=2111119923&cid=404129918.1694548721&tid=UA-50855-7&_gid=359994503.1694548721&_r=1&_slc=1&z=1174044268
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
296021c91b01be4129994cf73621317625b7a80eaf234241408fa85cb5c54902
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sqworl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20230912-10-RELEASE.js
cdn.taboola.com/libtrc/ 		809 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230912-10-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ed9afdf43a0056c59023d00bab1de18189dbe138e6bccf7ce470c4034f60aaf3

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
EZDagwX9e32yPysweL4IbwCpYH9.1rXO
content-encoding
br
via
1.1 varnish
date
Tue, 12 Sep 2023 19:58:41 GMT
x-amz-request-id
S1S93AH3C88FYK9E
age
3800
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171452
x-amz-id-2
ffNhO6akhTohuxEy7qT601GOjXBdXSqnPzOfbQU9Ltaesjii6IVh+VSZ4MjsuuXdQgfiI3pb6To=
x-served-by
cache-fra-eddf8230121-FRA
last-modified
Tue, 12 Sep 2023 10:53:27 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694548721.440179,VS0,VE0
etag
"c732ad12f884f07779b78cd6f75cf5d5"
vary
Accept-Encoding
content-type
application/javascript
abp
11
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
15866
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
stats.g.doubleclick.net/j/ 		4 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-50855-7&cid=404129918.1694548721&jid=1364706282&gjid=2111119923&_gid=359994503.1694548721&_u=IEBAAEAAAAAAACAAI~&z=1831606915
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 12 Sep 2023 19:58:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sqworl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HVD4KN0Q8F&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
08443e683a660e169a422c4cd20d7d2a478439ff5a6906050915f2387b68b2f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82578
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Sep 2023 19:58:41 GMT
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
  • https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
342866
expires
60

Redirect headers

location
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control
no-cache
content-length
0
json
trc.taboola.com/skimlinks-publishers/trc/3/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/skimlinks-publishers/trc/3/json?tim=21%3A58%3A41.511&lti=deflated&data=%7B%22id%22%3A85%2C%22ii%22%3A%22%2F5d7lsd%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694517246266%2C%22vi%22%3A1694548721509%2C%22cv%22%3A%2220230912-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fsqworl.com%2F5d7lsd%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fsqworl.com%2F5d7lsd%22%2C%22vpi%22%3A%22%2F5d7lsd%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1210%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Aabp%3D0%22%2C%22uip%22%3A%22SkimlinksPublisher%22%2C%22orig_uip%22%3A%22SkimlinksPublisher%22%2C%22cd%22%3A1210%2C%22mw%22%3A1600%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F5d7lsd%2CSkimlinksPublisher%3Drbox-tracking%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230912-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5fc8bbd9e6c8c100bab61f9f725cbf7fdd41ac27429ed8b5ddafbe619084e44

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
121
date
Tue, 12 Sep 2023 19:58:41 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.6098485
x-fastly-to-nlb-rtt
98052
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230121-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694548722.534338,VS0,VE121
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
http://sqworl.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
distance-from-article.20230912-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230912-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac1aee30854f122612352afc6983bb155ad77cb3b790d188e3eefcd5e137e153

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UqGXssJ81hEp9XLRD.FLzHOSVeKAlR8E
content-encoding
gzip
via
1.1 varnish
date
Tue, 12 Sep 2023 19:58:41 GMT
x-amz-request-id
YHWCBT2MJXREA94B
age
20535
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
j2GejI+LFujb2UN7/YLutpRdBptG4s1DZhhlGtxaQ5pF9KU62Hh9WyHFkzFxCtJtf9gL7uM7fd4=
x-served-by
cache-fra-eddf8230121-FRA
last-modified
Tue, 12 Sep 2023 14:16:27 GMT
server
AmazonS3
x-timer
S1694548722.750776,VS0,VE0
etag
"4bf641a5fe64408dd1b67558dc638e51"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
23
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
57090
article-detection.20230912-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230912-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94df1760fae1e5ec8c648744e5f7b4f22b21383b9e3f219becc64191d9baff58

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KZ39qkLQcvzq1Ofqk27i4vUUmu_SnC8L
content-encoding
gzip
via
1.1 varnish
date
Tue, 12 Sep 2023 19:58:41 GMT
x-amz-request-id
8XR40Y99EY0HW6TG
age
20542
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
lteKc+TcFsZh/bm49x3GdsqgOJj6R7FVUcuWMtUIhK5izOHWJz4HNeMSX1fo32vsDTf7YgqsR2k=
x-served-by
cache-fra-eddf8230121-FRA
last-modified
Tue, 12 Sep 2023 14:16:20 GMT
server
AmazonS3
x-timer
S1694548722.750712,VS0,VE0
etag
"f19de4eae309db2c1e469e0e48b55aa4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
57100
article-and-feed-area-scanner.20230912-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20230912-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/skimlinks-publishers/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a420a49be88aa874eca839048a4b6f33ddb4d1067bc4e3961636ca0715aa01c

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4bBug7qsQWUSrjfB8TA2_yV0bckpsKsu
content-encoding
gzip
via
1.1 varnish
date
Tue, 12 Sep 2023 19:58:41 GMT
x-amz-request-id
FMJBXPZJYTRZ8MXC
age
20543
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1148
x-amz-id-2
61CltI/tbchA3BGMBFGwvXa6ILeyr/W9CPH7+qAlt5FFg3bL2bHF5+dtnmsmDnOmnOUTmiHQaD0=
x-served-by
cache-fra-eddf8230121-FRA
last-modified
Tue, 12 Sep 2023 14:16:19 GMT
server
AmazonS3
x-timer
S1694548722.750716,VS0,VE0
etag
"c543032a99fbc163104e9767ac15107e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17802
debug
ch-trc-events.taboola.com/skimlinks-publishers/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/skimlinks-publishers/log/2/debug?tim=21%3A58%3A41.728&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20rbox-tracking&llvl=2&id=6723&cv=20230912-10-RELEASE&lt=deflated&pct=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
106067
settings
syndication.twitter.com/ Frame 5B22 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=ecc7a95e5ca1bdbb5f314502fa772ebab0449534
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fsqworl.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
109
date
Tue, 12 Sep 2023 19:58:41 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 12 Sep 2023 19:58:41 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
14a20e2dd12e4a7f
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
cf2fbab56a0fa7c784197d0e335c7defb5bca7009d14a294389c15924f0958b9
content-length
337
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-50855-7&cid=404129918.1694548721&jid=1364706282&_u=IEBAAEAAAAAAACAAI~&z=1803015414
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-50855-7&cid=404129918.1694548721&jid=1364706282&_u=IEBAAEAAAAAAACAAI~&z=1803015414
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		387 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sqworl.com&callback=_gfp_s_&client=ca-pub-7139769428607423
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9b014953d4912ff90b6821e5f8949941e60fdc5d30badf7aecb660b617f99ad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7EC3 		436 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&h=280&slotname=6709750226&adk=397385836&adf=1684144924&pi=t.ma~as.6709750226&w=728&fwrn=4&fwrnh=100&lmt=1694541521&rafmt=1&format=728x280&url=http%3A%2F%2Fsqworl.com%2F5d7lsd&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1694548721162&bpp=2&bdt=1326&idt=661&shv=r20230911&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&correlator=5797483029467&frm=20&pv=2&ga_vid=404129918.1694548721&ga_sid=1694548722&ga_hid=897379440&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44798878%2C44759876%2C44759927%2C44798321&oid=2&pvsid=3963666929942203&tmod=1401286723&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=AXuDFFlrSg&p=http%3A//sqworl.com&dtd=677
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
804c35a73c2bd855a210967fd730d2f644992e5e6da6f806db9222d1404b120a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 19:58:42 GMT
expires
Tue, 12 Sep 2023 19:58:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C6B2 		169 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7139769428607423&output=html&adk=1812271804&adf=3025194257&lmt=1694541521&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fsqworl.com%2F5d7lsd&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&dt=1694548721178&bpp=2&bdt=1342&idt=665&shv=r20230911&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&nras=1&correlator=5797483029467&frm=20&pv=1&ga_vid=404129918.1694548721&ga_sid=1694548722&ga_hid=897379440&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44798878%2C44759876%2C44759927%2C44798321&oid=2&pvsid=3963666929942203&tmod=1401286723&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=676
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
dfbc283c88af460780a5369c1affade5b5b27a97a9663b1a5484c4dacaccb354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
27259
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 19:58:42 GMT
expires
Tue, 12 Sep 2023 19:58:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HVD4KN0Q8F&gtm=45je3960&_p=897379440&_gaz=1&ul=en-us&sr=1600x1200&cid=404129918.1694548721&_eu=ABAI&_s=1&dl=http%3A%2F%2Fsqworl.com%2F5d7lsd&dt=Sqworl%20%7C%20Visual%20Bookmarks%20for%20Educators%20%7C%20Sqworl&sid=1694548721&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVD4KN0Q8F&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sqworl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HVD4KN0Q8F&cid=404129918.1694548721&gtm=45je3960&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVD4KN0Q8F&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sqworl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HVD4KN0Q8F&cid=404129918.1694548721&gtm=45je3960&aip=1&z=1644484844
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 19:58:42 GMT
Content-Encoding
gzip
Age
2300659
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (frb/67D5)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame B593 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) /
Resource Hash
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2300659
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13592
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Sep 2023 19:58:42 GMT
Etag
"28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D5)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fsqworl.com%2F5d7lsd%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1694548722093%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ecc7a95e5ca1bdbb5f314502fa772ebab0449534
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
103
date
Tue, 12 Sep 2023 19:58:41 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 12 Sep 2023 19:58:42 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
e62ef4439af082c1
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
cf2fbab56a0fa7c784197d0e335c7defb5bca7009d14a294389c15924f0958b9
content-length
43
truncated
/ Frame B593 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
log.pinterest.com/ 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=9dRP3Faju4q7&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fsqworl.com%2F5d7lsd
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 12 Sep 2023 19:58:42 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
16
x-pinterest-rid
1592503246302682
content-length
0
x-served-by
cache-fra-eddf8230095-FRA
pragma
no-cache
server
envoy
x-timer
S1694548722.411212,VS0,VE40
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
51c60c57165865a8c04a1afba57c11cab765efc756c408b891cea04574ef5b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53659
x-xss-protection
0
server
cafe
etag
15165352212902687856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 19:58:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/ Frame 8997 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
19998
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 14:25:24 GMT
etag
8554266389219770021
expires
Tue, 26 Sep 2023 14:25:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/ Frame 39FF 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sqworl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
19998
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Sep 2023 14:25:24 GMT
etag
8554266389219770021
expires
Tue, 26 Sep 2023 14:25:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nmedianet.js
contextual.media.net/ Frame 0BA9 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUF4MSM6&ydspr=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1ab792c83fc80e65cc1af465f47a72c4313366381ca8efde6aef1359f6cf83cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-g4dd
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 12 Sep 2023 19:58:42 GMT
server
Apache
etag
"15486332a7769cc0cec52ead784e051c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-cnr1
timing-allow-origin
*
content-length
35790
expires
Tue, 12 Sep 2023 20:03:42 GMT
release-20230823-110-adperformance.js
warp.media.net/rtb/resources/ Frame 0BA9 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230823-110-adperformance.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.123.44.23 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-123-44-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
4ce9f81b56777ca98376cd7e29fe960ae0bde99fe0c4824cbd1bc4227f5794d1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 12 Sep 2023 19:58:42 GMT
x-guploader-uploadid
ADPycduFxhH-pT29g32bGeichCGXG-DHmdmEo05HcOfHKTCLIl7hNom4GgpORH2IN74-nVXJilUKDxQ9Z6cxkEY8ppEMWv6ervyq
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25093
server
UploadServer
etag
"e0efafc336ec00578ef1e26d889bf129"
vary
Accept-Encoding
x-goog-hash
md5=4O+vwzbsAFeO8eJtiJvxKQ==, crc32c=AAyNXg==
content-type
application/javascript
x-goog-generation
1692818194940975
cache-control
max-age=3600
x-goog-stored-content-length
73239
expires
Tue, 12 Sep 2023 20:58:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 0BA9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
83621
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 20:45:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 0BA9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Sep 2023 17:36:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BA9 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 19:58:43 GMT
nmedianet.js
contextual.media.net/ Frame 1A92 		97 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUF4MSM6&ydspr=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bb4df49a9ede837dbe5a1945719ec3345b1b5d87f723560a881f139c582a8a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-g4dd
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 12 Sep 2023 19:58:42 GMT
server
Apache
etag
"fc943e6175ba964a74001e633a5ce75f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-cnr1
timing-allow-origin
*
content-length
37476
expires
Tue, 12 Sep 2023 20:03:42 GMT
release-20230823-110-adperformance.js
warp.media.net/rtb/resources/ Frame 1A92 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230823-110-adperformance.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.123.44.23 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-123-44-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
4ce9f81b56777ca98376cd7e29fe960ae0bde99fe0c4824cbd1bc4227f5794d1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 12 Sep 2023 19:58:42 GMT
x-guploader-uploadid
ADPycduFxhH-pT29g32bGeichCGXG-DHmdmEo05HcOfHKTCLIl7hNom4GgpORH2IN74-nVXJilUKDxQ9Z6cxkEY8ppEMWv6ervyq
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25093
server
UploadServer
etag
"e0efafc336ec00578ef1e26d889bf129"
vary
Accept-Encoding
x-goog-hash
md5=4O+vwzbsAFeO8eJtiJvxKQ==, crc32c=AAyNXg==
content-type
application/javascript
x-goog-generation
1692818194940975
cache-control
max-age=3600
x-goog-stored-content-length
73239
expires
Tue, 12 Sep 2023 20:58:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 1A92 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:45:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
83621
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 20:45:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 1A92 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
8540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Sep 2023 17:36:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A92 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 19:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694432528947753"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 19:58:43 GMT
bulk
trc.taboola.com/skimlinks-publishers/log/3/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/skimlinks-publishers/log/3/bulk?tvi48=-48&route=AM%3ACH%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230912-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://sqworl.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
94
date
Tue, 12 Sep 2023 19:58:42 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
93343
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230121-FRA
pragma
no-cache
server
nginx
x-timer
S1694548723.751572,VS0,VE94
content-type
image/gif
access-control-allow-origin
http://sqworl.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame A3F6 		72 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2607&&kkdd=A!%7Ch%7CuH*A3n9&69=NiE2m2!tZZi8tiZNqZN&X1Va=N&C*VO=8&S16=N8tq&b*SQ=dZm2&S91=!zF02I(Ii&SVS1=e1mC1_1tzznC7u_a-~aS9x%3D%3D&Sa91=!iqqqmNqi&*9fQ=Ni8Wi88&SS=z)&*S=B)&SKjC=)w_I-cH&V91=!T-_.)5BH&bV91=uN7qii!&KbbV*=N&aaa=*zlu7tURVO0D98mU89GmpnnVjcN0P9IRHLVM0nQhF!S%3D&j*Q=m&R~=N&MX1=2&O1bN=!zF(ootFq&O1bZ=ZZqtq2q2i&D1ObO=vDWsRQj%3DNNttvDKV%3D8vD91%3D8r8i8vDWsOjSQ*b3a%3DN!pqgZ8pqvDWsO*j%3Dqq8qvDWsQWV%3D8vDWsX9j*M%3D8vDWs9jbC1%3D8vDWsaK%3D2t.7xVL!)JvDWsaVS%3D888888NvDWs*9fQ%3DNi8Wi88vDWsbCOW%3DZm8vDWsbCRs*MUU9W%3D%2FvS9bh%3DJ7dI-cup(F_pdwF(wcc7vSPsUR%3D8v1S%3DXSVpQMp~Q*bNpDv1CCs1N%3D8v1CCs1N8%3D8v1CCs1NZ%3DNv1CCs1N2%3D8v1CCs1Nm%3DNv1CCs1Ni%3Dqv1CCs1Nt%3D8v1CCs1N!%3D!mv1CCs1NE%3D888Nv1CCs1Z%3Duv1CCs1ZN%3DpNv1CCs1ZZ%3D8r8Zv1CCs1Z2%3Dmv1CCs1Zm%3D1QUs1QUv1CCs1Z!%3Dmv1CCs1ZE%3D8r88v1CCs1q%3D8v1CCs1q8%3D8v1CCs1qZ%3D8v1CCs1qq%3D8v1CCs1qi%3Dcwv1CCs1qt%3Duv1CCs12%3DN8v1CCs128%3D8v1CCs12Z%3D8v1CCs12q%3D8v1CCs122%3DVa31v1CCs12m%3D8v1CCs12i%3D_v1CCs1mN%3D8v1CCs1mZ%3D8r88v1CCs1mi%3D8v1CCs1t%3D8v1CCs1!%3D8v1CCsR%3D8r8ZEv1CCsCN%3D8r8ZEv1CCsCN8%3DNr888v1CCsCNN%3D8rEitv1CCsCNZ%3D8rNE!v1CCsCNq%3DNr888v1CCsCN2%3DNr888v1CCsCNm%3DNr8N8v1CCsCNi%3D8rN88v1CCsCZ%3D8rN2iv1CCsCZN%3DNr888v1CCsCZq%3DNr888v1CCsCZ2%3DNr888v1CCsCZm%3DNr888v1CCsCZE%3DNr888v1CCsCq%3DNr888v1CCsCq8%3DNr888v1CCsCqZ%3D8r8N8v1CCsCq2%3DNr888v1CCsCqE%3DN2r888v1CCsC28%3DN2r888v1CCsCm%3DNr888v1CCsCmZ%3D8r!E8v1CCsCmq%3D8rm88v1CCsCm2%3Dmr888v1CCsCmm%3D8rm88v1CCsCmt%3DNr888v1CCsCmE%3D8rmtmv1CCsCi%3D8rmtmv1CCsCt%3D8rq2mv1CCsCE%3DNr888v1CCsa%3D8rN88vQsaVC%3D8r8ZEvQaVC%3D8r8ZEvKS%3D8%20%2B%208v9KO%3D8v9bhVQ%3Dw.YvasSS%3Dz)vas9V%3D!qrtirNZEr8vas*S%3D0_5J-F_lvaD3%3DmsqvaQUsSjb%3D8v*QRRQasbOXs91%3DO*~9UbsqsK3*bv*b1%3DO*~9UbsqsK3*bv6Da%3D8v69*9D9R9bh%3DNvSD1V%3D8r8q!v9bhVQs91%3DNtv*QRRQasbOXs91%3DO*~9UbsqsK3*bv*MVVRhsbOXs91%3Dv1QbQSbQ1sbOXs91%3DO*~9UbsqsK3*bv69Q~OD9R9bh%3D8r!EvV3*%3DNvOSsbhVQ%3DNvO1DRP%3DN!NZZtN!8qvOCV%3DNv3XD91%3D8r8i8vDURa%3D8r8N8v*M91%3Dv1bS%3DQMsDQv1CCsQaVC%3DUOR*Qv1CC%3DKOaC3jhvD1VSOV1%3D8v1ORX%3DMj9*3jNZv*3DV%3DvW91%3Dw.YpVMDptNqEtiE2Z!i8t2ZqvKbCR%3DNvO1sV3*%3D%7B%22b%22%3AN%2C%22V%22%3A2%7Dv1SMb%3Dqmv13XD%3D8pNvQSVsM*Q1%3DDQR3~sGm8vQSVsVm8%3D8r!8!qtvQSVsVtm%3DNrZtm!!v9DS%3DNv&jb6=8&CCC=VNzCEQFq31P_ic8moUlcFc((3~sa8Qau&9~=8&9j5Ua=N&D1a51=2iZ&CSU=iEm8i&h1*Va=N&DOQ=J2OcfcO%2FXX&PObVaQ=N&PObD91=pN8q&SO13CO9j=bf_pKdSRpdp)(Kc2ZpMMU1jm-YKZ9z8ciG1qZh25(SL4-)LsPhL3fX%3D%3D&9*91=m&O16=5j6Q*b3a%2003SM*&VX91=VNm2iqNqqZmbZ8Zq8ENZNEm!&**R1=%7B%22**9V%22%3A%22!qrtirNZEr8%22%2C%22**SS%22%3A%22z)%22%2C%22***S%22%3A%220a9D3MaX%22%2C%22**Sbh%22%3A%22ROM*OjjQ%22%7D&KbCR*aS=N&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUF4MSM6&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e239003ea3b13d6986a72547609b55de0f30b600e6e71fbc8978476f7f08a07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
28706
content-type
text/html
date
Tue, 12 Sep 2023 19:58:43 GMT
expires
Tue, 12 Sep 2023 19:58:43 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-w837
checksync.php
contextual.media.net/ Frame EE0F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUF4MSM6&https=1&itype=CM
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6979988bde92592ac03e75f4b110934f4b8f17a0d9ec0b38406d85cfbcb8b12c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5918
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 19:58:42 GMT
expires
Thu, 14 Sep 2023 19:58:42 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 0BA9 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2364&&vgd_cdv=1073&vgd_cage=0&vgd_tsce=L254&vgd_mcf=69506&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CUF4MSM6&crid=863335136&vi=1694548722607621321&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=170785166&r=1694548722938&rrr=sCGTE7flpaFbi05f0iq5-KKpnN1FkiMlYjpuFKeyU8c%3D&requrl=http%3A%2F%2Fsqworl.com%2F&vgde_bdata=~G-MjJzvuuhh~GwEv9~G8Ov9.9F9~G-M1zNJQ7mLvuWoA*f9oA~G-M1QzvAA9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvuF9-F99~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vR4TcaI_obPDoTKPbKII4~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvWX~OYYMOuiv999u~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9f~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9fi~OYYMYuv9.9fi~OYYMYu9vu.999~OYYMYuuv9.iFh~OYYMYufv9.uiW~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9u9~OYYMYuFv9.u99~OYYMYfv9.uHF~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAivuH.999~OYYMYH9vuH.999~OYYMYXvu.999~OYYMYXfv9.Wi9~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXiv9.XhX~OYYMYFv9.XhX~OYYMYhv9.AHX~OYYMYivu.999~OYYMLv9.u99~JMLEYv9.9fi~JLEYv9.9fi~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNv%3Dq~LM8EvWA.hF.ufi.9~LMQNvsDVRaPDZ~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~Q7Ov1QB8k7MAMwmQ7~eGLv9~e8Q8G8j875vu~NGOEv9.9AW~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MAMwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.9F9~GkjLv9.9u9~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~QmGEv~-8OvKrtoExGohuAihFiHfWF9hHfA~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vAX~OmyGv9ou~JNEMxQJOvGJjmBM%20X9~JNEMEX9v9.W9WAh~JNEMEhXvu.fhXWW~8GNvu~&ssld=%7B%22QQ8E%22%3A%22WA.hF.ufi.9%22%2C%22QQNN%22%3A%22%3Dq%22%2C%22QQQN%22%3A%22sL8GmxLy%22%2C%22QQN75%22%3A%22j1xQ1zzJ%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=3303&vgd_rakh=1694548722174411083&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUSWW7U3&vgd_hb_audit_2=223734346&vgd_pgid=p1546313325t202309121958&vgd_pgids=1&vgd_uspa=0&hvsid=00001694548722936013975226885243&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Tue, 12 Sep 2023 19:58:43 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 12 Sep 2023 19:58:43 GMT
checksync.php
contextual.media.net/ Frame F826 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUSWW7U3&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C132%2C462%2C4%2C3016%2C313%2C238%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc474fed0d86d83941b17c1544f2f8aa03a828763c002131dccd7d17d0c74107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7999
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 19:58:43 GMT
expires
Thu, 14 Sep 2023 19:58:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 0BA9 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=5332&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=CH&cid=8CUSWW7U3&reqid=lxX9seGeDBP04p1o8qjn6Q&vid=lxX9seGeDBP04p1o8qjn6Q&dn=sqworl.com&rawDn=sqworl.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=http%3A%2F%2Fsqworl.com%2F5d7lsd&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=Fribourg&ct=lausanne&zip=1007&pubid=pub-ADX-109058693731&tgtval=pub-ADX-109058693731&csip=rtb-common-ccdf8f4fd-5pxhn.BE&dtc=eu_be&zone=b&ptype=23&tmax=300&xtmax=290&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&device_id=4&asn=3303&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=false&gqid=AD8Fdm5THNKfTfw1aspJFDZKEllYikWc6dSM1vjTTPKJFtKY8HVzTHocSg-ZC8t6kohPt6La&pexid=ADX-pub-7139769428607423&geoll=true&is_ortb=false&s_ip=172.253.231.197&s_city=brussels&commit_id=f662aa07&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-09-12+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=CH&ipcc=CH&is_msnnative_src=false&rtttime=21&req_tid_present=false&pvid=462&prvAccId=863335136&prvApiId=8CUF4MSM6&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=223734346&prspt=headerBid&prvReqId=15700134186981_1290318599_22373434614621&reqsize=160x600&size=160x600&chnl=HARMONY&bdp=0.060&cbdp=0.038&og_cbdp=0.060&ogbdp=0.06&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.038&dt=O&dbf=1&epc=863335136&s=1&snm=SUCCESS&pcrid=8CUF4MSM6-863335136-37-28&tpbTkn=false&exid=220&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=89&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1694548722007&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300160060000059500&strg=HARMONY&stagid=aswift_3_host&vls=0&scrid=1700080807683300160060000059500&mang=1&pvdTmax=253&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CUF4MSM6&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUF4MSM6&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=160x600&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=bfe08ae6f2&acid=f80c06afc835c083aa169df1f510a78f&rtime=7.0&wsip=mowx-8559dfd58b-9glzv&ltime=12.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1812271803&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=f80c06afc835c083aa169df1f510a78f_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=aswift_3_host&feedback_id=lxX9seGeDBP04p1o8qjn6Q&supplyTagId=1812271803&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-09-12+19%3A58%3A42&__expireat=1694549322264&mview=1&actltime=12&rme=adm&bdata=~bx_len%3D1177~bhp%3D0~bid%3D0.060~bx_ancestor%3D18-3*20-3~bx_asn%3D3303~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000001~bx_size%3D160x600~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DBELMONT-SUR-LAUSANNE~ck_fl%3D0~dc%3Dgcp-eu-west1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D85~dmm_d19%3D0001~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.02~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d56%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_l%3D0.029~dmm_m1%3D0.029~dmm_m10%3D1.000~dmm_m11%3D0.967~dmm_m12%3D0.198~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.010~dmm_m16%3D0.100~dmm_m2%3D0.146~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m34%3D1.000~dmm_m39%3D14.000~dmm_m40%3D14.000~dmm_m5%3D1.000~dmm_m52%3D0.890~dmm_m53%3D0.500~dmm_m54%3D5.000~dmm_m55%3D0.500~dmm_m57%3D1.000~dmm_m59%3D0.575~dmm_m6%3D0.575~dmm_m7%3D0.345~dmm_m9%3D1.000~dmm_r%3D0.100~e_rpm%3D0.029~erpm%3D0.029~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_cc%3DCH~r_ip%3D83.76.129.0~r_sc%3DFRIBOURG~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3Daswift_3_host~std%3Daswift_3_host~vbr%3D0~visibility%3D1~cbdp%3D0.038%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_3_host%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_3_host%7Eviewability%3D0.89%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D1812271803%7Eamp%3D1%7Eogbid%3D0.060%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Deu_be%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison12%7Esobp%3D%7Exid%3DADX-pub-7139769428607423%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A1%2C%22p%22%3A4%7D%7Edcut%3D35%7Edogb%3D0-1%7Eecp_used%3Dbelow_q50%7Eecp_p50%3D0.80837%7Eecp_p75%3D1.27588~ibc%3D1~&utime=950&sf=0&cpr=0.2003337179463105
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:43 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Sep 2023 19:58:43 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 52A1 		73 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2599&&kkdd=A!%7C3%7C9Hn*A&666=K.D6Pwa9tu)bZE*0xvkEaE33tfYq*wqi&F-=.ZPA0ARzcccc90*Z0.A&VuKq=.&6NKQ=*&_uF=.*z9&7N_w=lc0A&_-u=RDaUAW3WZ&_K_u=Hu06ubuzDDh6Xibqjfq_-8%3D%3D&_q-u=RZ9990.9Z&N-Cw=.Z*(Z**&__=D1&N_=o1&_2B6=1GbWjEM&K-u=R5jby1eoM&7K-u=i.X9ZZR&277KN=.&qqq=NDkiXzvJKQUn-*0v*-g0IhhKBE.U)-WJM!KTUhwraR_%3D&BNw=0&Jf=.&TVu=A&Qu7.=RDa3xxza9&Qu7c=cc9z9A9AZ&nuQ7Q=mn(YJwB%3D..z.mn2K%3D*mn-u%3D*4*c*mn(YQB_wN7tq%3D.RI9sc*I9mn(YQNB%3D99*9mn(Yw(K%3D*mn(YV-BNT%3D*mn(Y-B76u%3D*mn(Yq2%3DAzyX8K!R1Lmn(YqK_%3D**.***.mn(YN-Cw%3D.Z*(Z**mn(Y76Q(%3Dc0*mn(Y76JYNTvv-(%3D%2Fm_-7r%3DLXlWjEiI3abIlGa3GEEXm_)YvJ%3D*mu_%3DV_KIwTIfwN7.Inmu66Yu.%3D*mu66Yu.*%3D*mu66Yu.c%3D.mu66Yu.A%3D*mu66Yu.0%3D.mu66Yu.Z%3D9mu66Yu.z%3D*mu66Yu.R%3DR0mu66Yu.P%3D***.mu66Yuc%3Dimu66Yuc.%3DI.mu66Yucc%3D*4*.mu66YucA%3D0mu66Yuc0%3DuwvYuwvmu66YucR%3D0mu66YucP%3D*4**mu66Yu9%3D*mu66Yu9*%3D*mu66Yu9c%3D*mu66Yu99%3D*mu66Yu9Z%3DEGmu66Yu9z%3Dimu66YuA%3D.*mu66YuA*%3D*mu66YuAc%3D*mu66YuA9%3D*mu66YuAA%3DKqtumu66YuA0%3D*mu66YuAZ%3Dbmu66Yu0.%3D*mu66Yu0c%3D*4**mu66Yu0Z%3D*mu66Yuz%3D*mu66YuR%3D*mu66YJ%3D*4*.*mu66Y6.%3D*4**Pmu66Y6.*%3D.4***mu66Y6..%3D*4PZzmu66Y6.c%3D*4*Rcmu66Y6.9%3D.4***mu66Y6.A%3D.4***mu66Y6.0%3D.4*.*mu66Y6.Z%3D*4*Rcmu66Y6c%3D*4.czmu66Y6c.%3D.4***mu66Y6c9%3D.4***mu66Y6cA%3D.4***mu66Y6c0%3D.4***mu66Y6cP%3D.4***mu66Y69%3D.4***mu66Y69*%3D.4***mu66Y69c%3D*4*.*mu66Y69A%3D.4***mu66Y69P%3D.A4***mu66Y6A*%3D.A4***mu66Y60%3D.4***mu66Y60c%3D*4RP*mu66Y609%3D*40**mu66Y60A%3D04***mu66Y600%3D*40**mu66Y60z%3D.4***mu66Y60P%3D*4c9Rmu66Y6Z%3D*4c9Rmu66Y6z%3D*49AAmu66Y6P%3D.4***mu66Yq%3D*4*RcmwYqK6%3D*4**PmwqK6%3D*4**Pm2_%3D*%20%2B%20*m-2Q%3D*m-7rKw%3DGyOmqY__%3DD1mqY-K%3DR94zZ4.cP4*mqYN_%3Dpymqnt%3D0Y9mqwvY_B7%3D*mNwJJwqY7QVY-u%3DQNf-v7Y*Y2tN7mN7u%3DQNf-v7Y*Y2tN7mFnq%3D*mF-N-n-J-7r%3D.m_nuK%3D*4*.Am-7rKwY-u%3D.zmNwJJwqY7QVY-u%3DQNf-v7Y*Y2tN7mNTKKJrY7QVY-u%3Dmuw7w_7wuY7QVY-u%3DQNf-v7Y*Y2tN7mF-wfQn-J-7r%3D*4RPmKtN%3D.mQ_Y7rKw%3D.mQunJ)%3D.R.ccz.R*AmQ6K%3D.mtVn-u%3D*4*c*mnvJq%3D*4*.*mNT-u%3Dmu7_%3DwTYnwmu66YwqK6%3DvQJNwmu66%3D2Qq6tBrmnuK_QKu%3D*muQJV%3DuwvQTJ7mNtnK%3Dm(-u%3DGyOIKTnIz.9PzZPAcRZ*zAc9m276J%3D.mQuYKtN%3D%7B%227%22%3A*%2C%22K%22%3AA%7Dmu_T7%3D9*mutVn%3D*I.mw_KYTNwu%3DnwJtfYg0*mw_KYK0*%3D*4zRPA9mw_KYKz0%3D.4A09ZZm-n_%3D.m&B7F=*&-f=*&-Bevq=.&nuqeu=AZc&6_v=ZP0*Z&ruNKq=.&nQw=LAQECEQ%2FVV&)Q7Kqw=.&)Q7n-u=I.*9&_Qut6Q-B=7CbI2l_JIlI132EAcITTvuB0jO2c-D*EZgu9crAe3_!pj1!Y)r!tCV%3D%3D&-N-u=0&QuF=eBFwN7tq%20Ut_TN&KV-u=K.0AZ9.99c07c*c9*P.c.P0R&NNJu=%7B%22NN-K%22%3A%22R94zZ4.cP4*%22%2C%22NN__%22%3A%22D1%22%2C%22NNN_%22%3A%22py%22%2C%22NN_7r%22%3A%22JQTNQBBw%22%7D&Kwqv=.&276JNq_=.&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUF4MSM6&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
78071da13246f39ba3a497e432cbbebe9148fed51d4e61a06601630ed161229e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
28888
content-type
text/html
date
Tue, 12 Sep 2023 19:58:43 GMT
expires
Tue, 12 Sep 2023 19:58:43 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-7t5z
checksync.php
contextual.media.net/ Frame 37C7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CUF4MSM6&https=1&itype=CM
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6979988bde92592ac03e75f4b110934f4b8f17a0d9ec0b38406d85cfbcb8b12c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5918
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 19:58:43 GMT
expires
Thu, 14 Sep 2023 19:58:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 1A92 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2397&&vgd_cdv=1073&vgd_cage=0&vgd_tsce=L254&vgd_mcf=69506&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CUF4MSM6&crid=863335136&vi=1694548722223506514&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=170785166&r=1694548723016&rrr=sCGTE7flpaFbi05f0iq5-KKpnN1FkiMlYjpuFKeyU8c%3D&requrl=http%3A%2F%2Fsqworl.com%2F&vgde_bdata=~G-MjJzvuuhu~GwEv9~G8Ov9.9f9~G-M1zNJQ7mLvuWoA*f9oA~G-M1QzvAA9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvuF9-F99~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vR4TcaI_obPDoTKPbKII4~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvWX~OYYMOuiv999u~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9u~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9u9~OYYMYuv9.99i~OYYMYu9vu.999~OYYMYuuv9.iFh~OYYMYufv9.9Wf~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9u9~OYYMYuFv9.9Wf~OYYMYfv9.ufh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAivuH.999~OYYMYH9vuH.999~OYYMYXvu.999~OYYMYXfv9.Wi9~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXiv9.fAW~OYYMYFv9.fAW~OYYMYhv9.AHH~OYYMYivu.999~OYYMLv9.9Wf~JMLEYv9.99i~JLEYv9.99i~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNv%3Dq~LM8EvWA.hF.ufi.9~LMQNv%2Fr~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~Q7Ov1QB8k7M9MwmQ7~eGLv9~e8Q8G8j875vu~NGOEv9.9uH~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.9f9~GkjLv9.9u9~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv~-8OvKrtoExGohuAihFiHfWF9hHfA~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vA9~OmyGv9ou~JNEMxQJOvGJjmBM%20X9~JNEMEX9v9.hWiHA~JNEMEhXvu.HXAFF~8GNvu~&ssld=%7B%22QQ8E%22%3A%22WA.hF.ufi.9%22%2C%22QQNN%22%3A%22%3Dq%22%2C%22QQQN%22%3A%22%2Fr%22%2C%22QQN75%22%3A%22j1xQ1zzJ%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=3303&vgd_rakh=1694548722138453610&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUSWW7U3&vgd_hb_audit_2=223734346&vgd_pgid=p1546313325t202309121958&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&hvsid=00001694548723013013975226887248&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Tue, 12 Sep 2023 19:58:43 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 12 Sep 2023 19:58:43 GMT
checksync.php
contextual.media.net/ Frame 8E4C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUSWW7U3&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C132%2C462%2C4%2C3016%2C313%2C238%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc474fed0d86d83941b17c1544f2f8aa03a828763c002131dccd7d17d0c74107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7999
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 19:58:43 GMT
expires
Thu, 14 Sep 2023 19:58:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 1A92 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=5321&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=CH&cid=8CUSWW7U3&reqid=CZcEL2Gdmjy6SukYmth1qw&vid=CZcEL2Gdmjy6SukYmth1qw&dn=sqworl.com&rawDn=sqworl.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=http%3A%2F%2Fsqworl.com%2F5d7lsd&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=VD&ct=lausanne&zip=1007&pubid=pub-ADX-109058693731&tgtval=pub-ADX-109058693731&csip=rtb-common-ccdf8f4fd-6qjbb.BE&dtc=eu_be&zone=b&ptype=23&tmax=300&xtmax=290&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&device_id=4&asn=3303&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=false&gqid=AD8Fdm4dt-U1LtdlV6kuPcJ64CSqW1bRR_kR3Zo5qyFgZEw0CXfbKsyYo_Yk86jaNuQ28iqK&pexid=ADX-pub-7139769428607423&geoll=false&is_ortb=false&s_ip=172.253.231.199&s_city=brussels&commit_id=f662aa07&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-09-12+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=CH&ipcc=CH&is_msnnative_src=false&rtttime=23&req_tid_present=false&pvid=462&prvAccId=863335136&prvApiId=8CUF4MSM6&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=223734346&prspt=headerBid&prvReqId=21566356130624_1864776687_22373434614621&reqsize=160x600&size=160x600&chnl=HARMONY&bdp=0.020&cbdp=0.014&og_cbdp=0.020&ogbdp=0.02&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.014&dt=O&dbf=1&epc=863335136&s=1&snm=SUCCESS&pcrid=8CUF4MSM6-863335136-37-11&tpbTkn=false&exid=220&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=89&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1694548722014&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300160060000059500&strg=HARMONY&stagid=aswift_0_host&vls=0&scrid=1700080807683300160060000059500&mang=1&pvdTmax=253&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CUF4MSM6&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUF4MSM6&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=160x600&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=bfe08ae6f2&acid=8c00c0b17caffe7265f56e8fe39670cc&rtime=7.0&wsip=mowx-8559dfd58b-hkdj2&ltime=12.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1812271804&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=8c00c0b17caffe7265f56e8fe39670cc_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=aswift_0_host&feedback_id=CZcEL2Gdmjy6SukYmth1qw&supplyTagId=1812271804&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-09-12+19%3A58%3A42&__expireat=1694549322273&mview=1&actltime=13&rme=adm&bdata=~bx_len%3D1171~bhp%3D0~bid%3D0.020~bx_ancestor%3D18-3*20-3~bx_asn%3D3303~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010001~bx_size%3D160x600~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DBELMONT-SUR-LAUSANNE~ck_fl%3D0~dc%3Dgcp-eu-west1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D85~dmm_d19%3D0001~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d56%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_l%3D0.010~dmm_m1%3D0.009~dmm_m10%3D1.000~dmm_m11%3D0.967~dmm_m12%3D0.082~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.010~dmm_m16%3D0.082~dmm_m2%3D0.127~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m34%3D1.000~dmm_m39%3D14.000~dmm_m40%3D14.000~dmm_m5%3D1.000~dmm_m52%3D0.890~dmm_m53%3D0.500~dmm_m54%3D5.000~dmm_m55%3D0.500~dmm_m57%3D1.000~dmm_m59%3D0.238~dmm_m6%3D0.238~dmm_m7%3D0.344~dmm_m9%3D1.000~dmm_r%3D0.082~e_rpm%3D0.009~erpm%3D0.009~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_cc%3DCH~r_ip%3D83.76.129.0~r_sc%3DVD~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3Daswift_0_host~std%3Daswift_0_host~vbr%3D0~visibility%3D1~cbdp%3D0.014%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_0_host%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_0_host%7Eviewability%3D0.89%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D1812271804%7Eamp%3D1%7Eogbid%3D0.020%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Deu_be%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7Esobp%3D%7Exid%3DADX-pub-7139769428607423%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A0%2C%22p%22%3A4%7D%7Edcut%3D30%7Edogb%3D0-1%7Eecp_used%3Dbelow_q50%7Eecp_p50%3D0.78943%7Eecp_p75%3D1.45366~ibc%3D1~&utime=1011&sf=0&cpr=0.9017270477065338
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:43 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Sep 2023 19:58:43 GMT
bql.php
lg3.media.net/ Frame A3F6 		15 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5856&&vgd_canary=0&vgd_l2type=scs_newfl&fp=ErB4_jC6xVG_jooe1fAe6GHD3AzXkv1a6_FSczhVpJ9RFbk8yXTsXevvLaciZmv5wqK2t-kZcz9_51jIsm6Pbn-z-d4hep_JswZfuTf8kAVOkPW8fWp07qjeKjaMtwu1&cme=u4EyFbLs_GTgAd_ur94i2eA4pccVkWlGECj-xH5HcH2KQOAmo21ykDZkGP_r0_8VK69XT299f3mFpxKqr5Aqf7X1B6JEav5D8b9rGWbLp7nhiiz2lIhuNJozyRgXqW2vQ01VOe2YZRCNMp7SRwWIxr2oWuVvAt8mMDOZRGj7TZyrvDUep8o8b_0kqDDmoRgOcYfwNHoRbt7h7iZfdiUKzF16ji7c7cnmr97WY4mOloCXuOI8Cm1rEQ%3D%3D%7C%7Cu8A6SM53vAcMveBith-GCr1DWkSX38tf%7CaLCZqGMhZ4JrFbUxTQgV9VoUbLfKfDC5%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRIShEPgm9_3_Lm6ZwT4rR-oVV9eRefqLgYo3UPz4nMzRCA%3D%3D%7CINmI2Mq7KnH1eisjLXpQUFHUypmKicerc6WUIB0-0rH22EABwynDKnFHi_BG2yC6LN-TPaf-Yeuli1YADRnQb-4_gRIOd-4l5nttAmN12cbzYk8kdiXB3ckCCyrueb_Yu4W7AOhphLfF-w4QydMex-Aek3AQRM7iCGHMjiYvg7S81YC5YwFLa_wZowcd4FLvHhCIgg6_P-D64hDNd95dlw9eiLS2gGxQYBNTXPNqxG5fdPVTUzr0KqdbbJN3Yy6yMr3lELCZkAMZPlsZ_KW32gkDFuB86oAm%7C&subBdr=99&bdrid=462&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Contact+Customer+Service&kwt[]=391&kbc[]=1204677357&kwp[]=1&kid[]=6836139&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0008%7C8%3D091208%7C13%3D0.0631%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=274911658240&kwd[]=10+Best+International+SIM+Cards&kwt[]=391&kbc[]=1204677357&kwp[]=2&kid[]=350801682&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0011%7C8%3D091208%7C13%3D0.0380%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=274894881024&kwd[]=Take+Depression+Quiz&kwt[]=391&kbc[]=1204677357&kwp[]=3&kid[]=329920534&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0006%7C8%3D091208%7C13%3D0.0637%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=4503874522251520&kwd[]=Top+10+Electric+Vehicles&kwt[]=391&kbc[]=1204677357&kwp[]=4&kid[]=316687202&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0005%7C8%3D091208%7C13%3D0.0538%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=4503874539028736&kwd[]=Find+IP+Address&kwt[]=391&kbc[]=1204677357&kwp[]=5&kid[]=10851218&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0006%7C8%3D091208%7C13%3D0.0380%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=4503874539028736&kwd[]=Jobs+for+Over+50&kwt[]=391&kbc[]=1204677357&kwp[]=6&kid[]=105932766&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0009%7C8%3D091208%7C13%3D0.0187%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=274911658240&kwd[]=Local+Taxi+Service&kwt[]=391&kbc[]=1204677357&kwp[]=7&kid[]=17751267&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0006%7C8%3D091208%7C13%3D0.0266%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=4503874522251520&v=1&gdpr=1&geo=46.52%7C6.61&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=CH&wsip=170774597&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3Dq%22%2C%22QQN75%22%3A%22j1xQ1zzJ%22%2C%22QQ8E%22%3A%22WA.hF.ufi.9%22%2C%22QQQN%22%3A%22sL8GmxLy%22%7D&cid=8CUF4MSM6&vi=1694548722607621321&vsid=DefVid&tdAdd[]=asnum%3D3303&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=13&vgd_tsce=L254-S254&vgd_l3_sc=ZH&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUSWW7U3&vgd_hb_audit_2=223734346&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=18601&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=lausanne&vgd_ifrmode=14&sttm=1694548722936&upk=1694548723.10360&hvsid=00001694548722936013975226885243&verid=3111299&sbdrId=99&tsrc=entity&vgd_l1rakh=1694548722174411083&vgd_ecrid=1700080807683300160060000059500&vgd_isiolc=1&kbbq=%26asn%3D3303&vgd_mcf=69506&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvuuhh~GwEv9~G8Ov9.9F9~G-M1zNJQ7mLvuWoA*f9oA~G-M1QzvAA9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvuF9-F99~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vR4TcaI_obPDoTKPbKII4~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvWX~OYYMOuiv999u~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9f~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9fi~OYYMYuv9.9fi~OYYMYu9vu.999~OYYMYuuv9.iFh~OYYMYufv9.uiW~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9u9~OYYMYuFv9.u99~OYYMYfv9.uHF~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAivuH.999~OYYMYH9vuH.999~OYYMYXvu.999~OYYMYXfv9.Wi9~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXiv9.XhX~OYYMYFv9.XhX~OYYMYhv9.AHX~OYYMYivu.999~OYYMLv9.u99~JMLEYv9.9fi~JLEYv9.9fi~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNv%3Dq~LM8EvWA.hF.ufi.9~LMQNvsDVRaPDZ~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~Q7Ov1QB8k7MAMwmQ7~eGLv9~e8Q8G8j875vu~NGOEv9.9AW~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MAMwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.9F9~GkjLv9.9u9~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~QmGEv~-8OvKrtoExGohuAihFiHfWF9hHfA~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vAX~OmyGv9ou~JNEMxQJOvGJjmBM%20X9~JNEMEX9v9.W9WAh~JNEMEhXvu.fhXWW~8GNvu~&vgd_cfud=230323&vgd_scsver=173&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1073&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=ZH&vgd_l1rhst=contextual.media.net&hvsid=00001694548722936013975226885243&rc=0&rand=1694548723309&acid=f80c06afc835c083aa169df1f510a78f&matm=1694548723309&vgd_ltimesrc=1&vgd_ltime=635&vgd_rtime=632&vgd_etm=5&vgd_l1hcsd=Og4dd%7C5989&vgd_l1ch=1&vgd_lhl=1158&vgd_pgid=p1546313325t202309121958&vgd_csip=rtb-common-ccdf8f4fd-5pxhn.BE&vgd_sbSup=1&vgd_nrrs=18601&vgd_cdv=1073&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_matchstr=bcat%3Dg%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2607&&kkdd=A!%7Ch%7CuH*A3n9&69=NiE2m2!tZZi8tiZNqZN&X1Va=N&C*VO=8&S16=N8tq&b*SQ=dZm2&S91=!zF02I(Ii&SVS1=e1mC1_1tzznC7u_a-~aS9x%3D%3D&Sa91=!iqqqmNqi&*9fQ=Ni8Wi88&SS=z)&*S=B)&SKjC=)w_I-cH&V91=!T-_.)5BH&bV91=uN7qii!&KbbV*=N&aaa=*zlu7tURVO0D98mU89GmpnnVjcN0P9IRHLVM0nQhF!S%3D&j*Q=m&R~=N&MX1=2&O1bN=!zF(ootFq&O1bZ=ZZqtq2q2i&D1ObO=vDWsRQj%3DNNttvDKV%3D8vD91%3D8r8i8vDWsOjSQ*b3a%3DN!pqgZ8pqvDWsO*j%3Dqq8qvDWsQWV%3D8vDWsX9j*M%3D8vDWs9jbC1%3D8vDWsaK%3D2t.7xVL!)JvDWsaVS%3D888888NvDWs*9fQ%3DNi8Wi88vDWsbCOW%3DZm8vDWsbCRs*MUU9W%3D%2FvS9bh%3DJ7dI-cup(F_pdwF(wcc7vSPsUR%3D8v1S%3DXSVpQMp~Q*bNpDv1CCs1N%3D8v1CCs1N8%3D8v1CCs1NZ%3DNv1CCs1N2%3D8v1CCs1Nm%3DNv1CCs1Ni%3Dqv1CCs1Nt%3D8v1CCs1N!%3D!mv1CCs1NE%3D888Nv1CCs1Z%3Duv1CCs1ZN%3DpNv1CCs1ZZ%3D8r8Zv1CCs1Z2%3Dmv1CCs1Zm%3D1QUs1QUv1CCs1Z!%3Dmv1CCs1ZE%3D8r88v1CCs1q%3D8v1CCs1q8%3D8v1CCs1qZ%3D8v1CCs1qq%3D8v1CCs1qi%3Dcwv1CCs1qt%3Duv1CCs12%3DN8v1CCs128%3D8v1CCs12Z%3D8v1CCs12q%3D8v1CCs122%3DVa31v1CCs12m%3D8v1CCs12i%3D_v1CCs1mN%3D8v1CCs1mZ%3D8r88v1CCs1mi%3D8v1CCs1t%3D8v1CCs1!%3D8v1CCsR%3D8r8ZEv1CCsCN%3D8r8ZEv1CCsCN8%3DNr888v1CCsCNN%3D8rEitv1CCsCNZ%3D8rNE!v1CCsCNq%3DNr888v1CCsCN2%3DNr888v1CCsCNm%3DNr8N8v1CCsCNi%3D8rN88v1CCsCZ%3D8rN2iv1CCsCZN%3DNr888v1CCsCZq%3DNr888v1CCsCZ2%3DNr888v1CCsCZm%3DNr888v1CCsCZE%3DNr888v1CCsCq%3DNr888v1CCsCq8%3DNr888v1CCsCqZ%3D8r8N8v1CCsCq2%3DNr888v1CCsCqE%3DN2r888v1CCsC28%3DN2r888v1CCsCm%3DNr888v1CCsCmZ%3D8r!E8v1CCsCmq%3D8rm88v1CCsCm2%3Dmr888v1CCsCmm%3D8rm88v1CCsCmt%3DNr888v1CCsCmE%3D8rmtmv1CCsCi%3D8rmtmv1CCsCt%3D8rq2mv1CCsCE%3DNr888v1CCsa%3D8rN88vQsaVC%3D8r8ZEvQaVC%3D8r8ZEvKS%3D8%20%2B%208v9KO%3D8v9bhVQ%3Dw.YvasSS%3Dz)vas9V%3D!qrtirNZEr8vas*S%3D0_5J-F_lvaD3%3DmsqvaQUsSjb%3D8v*QRRQasbOXs91%3DO*~9UbsqsK3*bv*b1%3DO*~9UbsqsK3*bv6Da%3D8v69*9D9R9bh%3DNvSD1V%3D8r8q!v9bhVQs91%3DNtv*QRRQasbOXs91%3DO*~9UbsqsK3*bv*MVVRhsbOXs91%3Dv1QbQSbQ1sbOXs91%3DO*~9UbsqsK3*bv69Q~OD9R9bh%3D8r!EvV3*%3DNvOSsbhVQ%3DNvO1DRP%3DN!NZZtN!8qvOCV%3DNv3XD91%3D8r8i8vDURa%3D8r8N8v*M91%3Dv1bS%3DQMsDQv1CCsQaVC%3DUOR*Qv1CC%3DKOaC3jhvD1VSOV1%3D8v1ORX%3DMj9*3jNZv*3DV%3DvW91%3Dw.YpVMDptNqEtiE2Z!i8t2ZqvKbCR%3DNvO1sV3*%3D%7B%22b%22%3AN%2C%22V%22%3A2%7Dv1SMb%3Dqmv13XD%3D8pNvQSVsM*Q1%3DDQR3~sGm8vQSVsVm8%3D8r!8!qtvQSVsVtm%3DNrZtm!!v9DS%3DNv&jb6=8&CCC=VNzCEQFq31P_ic8moUlcFc((3~sa8Qau&9~=8&9j5Ua=N&D1a51=2iZ&CSU=iEm8i&h1*Va=N&DOQ=J2OcfcO%2FXX&PObVaQ=N&PObD91=pN8q&SO13CO9j=bf_pKdSRpdp)(Kc2ZpMMU1jm-YKZ9z8ciG1qZh25(SL4-)LsPhL3fX%3D%3D&9*91=m&O16=5j6Q*b3a%2003SM*&VX91=VNm2iqNqqZmbZ8Zq8ENZNEm!&**R1=%7B%22**9V%22%3A%22!qrtirNZEr8%22%2C%22**SS%22%3A%22z)%22%2C%22***S%22%3A%220a9D3MaX%22%2C%22**Sbh%22%3A%22ROM*OjjQ%22%7D&KbCR*aS=N&ure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Tue, 12 Sep 2023 19:58:43 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 12 Sep 2023 19:58:43 GMT
truncated
/ Frame 0BA9 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ab2c579bd57b649954d98baba35a7a9cdab64b8e0f6884ef19d82ab2c3dd158

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A3F6 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A3F6 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A3F6 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 0BA9 		0
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cwlsb8cIAZcPmNpeA78EP_5SdyAKX5Zq3Yo62vv3nC8CNtwEQASAAYPWFgICUBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqAMByAMCqgTjAU_Qj5lQS-itI4mXyRPbEXwMvKZDDE7sr2RQkvKbNJb1FQoDobl7HyioHz-H1EWQ8qpqhS6khTOAKlgFyvdtEqIxhQBBaoL4wix0b6GQqDXOMC1vNaoN7EAdtkKwhjGDaYZtMTNjs8fCmKUMweiuBt13EKowVwUL3madPpyrbbelo4aMnQtjB25ygvIbsluNwOzarXvInEOtz_y8IEbeygQpe2b1XEQtnW52aYLWKOgc12g0iNLmdHrkvMNK96vc2XlpCi_hlkd2J279x8BF3SXhEAUXjXEGbrb9pySk-NZoG3izgAaqn4vpibTu0MYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MTM5NzY5NDI4NjA3NDIzGAA&sigh=zBDLhnkPauI&uach_m=[UACH]&cid=CAQSGwBpAlJW9RA0R2GKyKJUY1fpZMvFJt8Eq0OkdxgB&cbvp=2&vis=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Sep 2023 19:58:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Sep 2023 19:58:43 GMT
log
hblg.media.net/ Frame 0BA9 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAAUDE1NzAwMTM0MTg2OTgxXzEyOTAzMTg1OTlfMjIzNzM0MzQ2MTQ2MjFAZjgwYzA2YWZjODM1YzA4M2FhMTY5ZGYxZjUxMGE3OGacB7gehetRuK4_MGh0dHA6Ly9zcXdvcmwuY29tLzVkN2xzZARDSICE5LQK5AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYUc3F3b3JsLmNvbRI4Q1VTV1c3VTMIDjE2MHg2MDAKMC4wMzgKZXVfYmUGQURYCAhudXJsAAAAAAAAQFZAroXMr9FiAjEAAAAAAADwvzpydGItY29tbW9uLWNjZGY4ZjRmZC01cHhobi5CRT4xNzAwMDgwODA3NjgzMzAwMTYwMDYwMDAwMDU5NTAwAhBmNjYyYWEwNwJiAg&cbvp=2
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:43 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Sep 2023 19:58:43 GMT
log
qsearch-a.akamaihd.net/ Frame 0BA9 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=f80c06afc835c083aa169df1f510a78f&algo=unison12&bdp=0.0600&bidfp=0.0100&capd=0&cc=CH&cid=8CUSWW7U3&crid=223734346&ct=lausanne&dc=eu_be&dfpbd=0.0384&dn=sqworl.com&iwb=1&ogcbdp=0.0600&other_bids=0.06&other_prv=462&pbshr=100.0000&prdp=0.0384&requrl=sqworl.com%2F5d7lsd%2F&sat=1&sc=Fribourg&sc_pvid=462&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=6781930&ugd=4&ver=9.6.1&cliIP=1397522688&time_stamp=2023-09-12%2019%3A58%3A42&seat=462&itype=adx&req_id=lxX9seGeDBP04p1o8qjn6Q&dim4=exploration&dfp_bucket=0.0&level_base=0&bdp_bucket=0.05&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&br_ver=89.0.4389.72&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_adx_2-cid_0&ogerpm=0.0000&ogerpm_used=false&rawbid=0.0600&totalTimeBucket=6&as_cache=1&sub_bidder=0&current_day=2.0&current_hour=19&cut=36&floor_bucket=0.00&model_version=202309111343_generic_adx_2-cid_0&erpm_bucket=0.00&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.8900&stid=aswift_3_host&pvid_seat=462_462&ckfl=0&mnckfl=0&sd=0&predicted_wr=55.6169&bdp_wider_bucket=1&adblk=1812271803&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=35&dmm_d36=NA&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&dmm_d22=0.02&bdmm_m5=1.0000&bdmm_m6=0.5750&bdmm_m7=0.3450&bdmm_m12=0.1980&dmm_l=0.1000&dmm_r=0.1000&e_rpm=0.0290&bdr_typ=2&url_l1=5d7lsd&clisp=rtb-common-ccdf8f4fd-5pxhn.BE&dmm_m1=2023-09-12%2019%3A58%3A42.009244201&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss_d1=0&ss_d2=0&dmm_m22=0.0000&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300160060000059500&erpm_mult=1.000000&zone=b&rc=-1&ecp_p50=0.80837&ecp_p75=1.27588&ecp_avg=0.69141&ecp_status=Success&ecp_used=below_q50&ecp_rtime=3943.0&sfm_key=mowx_System_462&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-8559dfd58b-9glzv&rel_cut_bkt=45&ecp_ver=default&djvm=9.5.8&cbvp=2
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Sep 2023 19:58:43 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 12 Sep 2023 19:58:43 GMT
bql.php
lg3.media.net/ Frame 52A1 		15 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5883&&vgd_canary=0&vgd_l2type=scs_newfl&fp=ErB4_jC6xVG_jooe1fAe6GHD3AzXkv1a6_FSczhVpJ9RFbk8yXTsXevvLaciZmv5wqK2t-kZcz9_51jIsm6Pbn-z-d4hep_JswZfuTf8kAVOkPW8fWp07qjeKjaMtwu1&cme=mQSGBNkSkKwu7BGlgi89Ye_KdLhyfV-cmafXvldOqdwJH70EcWw1dflDDAChvJciAywA0nuVcM7VFDqB-cmz5qZokXlyh_SfUuOrS9JUC2dKjvKW2cxfrQvKKolFV3kN0o8TonaWa1EaKfSaqeFvnOvMkO5Rj0j_VJImmprjHlmxOpGUEAgbyE11rbhZEQ4D9VRvBZkz3BmDobuCNK1QND6q4yQYMYnSc7ItWQ9NwXEdnYrgcBN-0A%3D%3D%7C%7Cu8A6SM53vAcMveBith-GCr1DWkSX38tf%7CaLCZqGMhZ4JrFbUxTQgV9VoUbLfKfDC5%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRIShEPgm9_3_Lm6ZwT4rR-oVV9eRefqLgYo3UPz4nMzRCA%3D%3D%7Cmv_NCd-MOMuqpPNo11Qv1veSEYMknWmhqoi2x8pshKXSJ5RTRFIBlyZYXq_lly7Dxn-KRzgKyQLcYV-VmvXbsokeU7XC1jwLVAXkWlTgR-O0CHWabmxcyMzHR5nTf5Yb5mS2eOrVSrkn46OAvzP-4X3U0zxjWSd1hBkmk6zFux8Hpi9PtIzouJ_-wPkbGTG_ja-GiI6I_RXCotPCRMZdqP94_QIfix0gGapduP1MtRW5xOJ9KyoARSM9n-bgx7c8FWzs58Gqj2sMeiSMAC9S57ecDu0JBKvV%7C&subBdr=99&bdrid=462&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Contact+Customer+Service&kwt[]=391&kbc[]=1204677357&kwp[]=1&kid[]=6836139&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0008%7C8%3D091208%7C13%3D0.0631%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=4503874539028736&kwd[]=10+Best+International+SIM+Cards&kwt[]=391&kbc[]=1204677357&kwp[]=2&kid[]=350801682&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0011%7C8%3D091208%7C13%3D0.0380%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=4503874522251520&kwd[]=Take+Depression+Quiz&kwt[]=391&kbc[]=1204677357&kwp[]=3&kid[]=329920534&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0006%7C8%3D091208%7C13%3D0.0637%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=274894881024&kwd[]=Top+10+Electric+Vehicles&kwt[]=391&kbc[]=1204677357&kwp[]=4&kid[]=316687202&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0005%7C8%3D091208%7C13%3D0.0538%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=274911658240&kwd[]=Find+IP+Address&kwt[]=391&kbc[]=1204677357&kwp[]=5&kid[]=10851218&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0006%7C8%3D091208%7C13%3D0.0380%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=4503874539028736&kwd[]=Jobs+for+Over+50&kwt[]=391&kbc[]=1204677357&kwp[]=6&kid[]=105932766&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0009%7C8%3D091208%7C13%3D0.0187%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=274911658240&kwd[]=Local+Taxi+Service&kwt[]=391&kbc[]=1204677357&kwp[]=7&kid[]=17751267&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C7%3D0.0006%7C8%3D091208%7C13%3D0.0266%7C14%3D091214%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.399&ktd[]=274894881024&v=1&gdpr=1&geo=46.52%7C6.61&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=CH&wsip=170774850&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3Dq%22%2C%22QQN75%22%3A%22j1xQ1zzJ%22%2C%22QQ8E%22%3A%22WA.hF.ufi.9%22%2C%22QQQN%22%3A%22%2Fr%22%7D&cid=8CUF4MSM6&vi=1694548722223506514&vsid=DefVid&tdAdd[]=asnum%3D3303&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=13&vgd_tsce=L254-S254&vgd_l3_sc=ZH&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUSWW7U3&vgd_hb_audit_2=223734346&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=18601&vgd_nrrmf=41000c80a&vgd_nrrsf=scrr&vgd_cty=lausanne&vgd_ifrmode=14&sttm=1694548723013&upk=1694548723.12252&hvsid=00001694548723013013975226887248&verid=3111299&sbdrId=99&tsrc=entity&vgd_l1rakh=1694548722138453610&vgd_ecrid=1700080807683300160060000059500&vgd_isiolc=1&kbbq=%26asn%3D3303&vgd_mcf=69506&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvuuhu~GwEv9~G8Ov9.9f9~G-M1zNJQ7mLvuWoA*f9oA~G-M1QzvAA9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvuF9-F99~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vR4TcaI_obPDoTKPbKII4~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvWX~OYYMOuiv999u~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9u~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9u9~OYYMYuv9.99i~OYYMYu9vu.999~OYYMYuuv9.iFh~OYYMYufv9.9Wf~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9u9~OYYMYuFv9.9Wf~OYYMYfv9.ufh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAivuH.999~OYYMYH9vuH.999~OYYMYXvu.999~OYYMYXfv9.Wi9~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXiv9.fAW~OYYMYFv9.fAW~OYYMYhv9.AHH~OYYMYivu.999~OYYMLv9.9Wf~JMLEYv9.99i~JLEYv9.99i~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNv%3Dq~LM8EvWA.hF.ufi.9~LMQNv%2Fr~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~Q7Ov1QB8k7M9MwmQ7~eGLv9~e8Q8G8j875vu~NGOEv9.9uH~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.9f9~GkjLv9.9u9~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv~-8OvKrtoExGohuAihFiHfWF9hHfA~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vA9~OmyGv9ou~JNEMxQJOvGJjmBM%20X9~JNEMEX9v9.hWiHA~JNEMEhXvu.HXAFF~8GNvu~&vgd_cfud=230323&vgd_scsver=173&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1073&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=5&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=ZH&vgd_l1rhst=contextual.media.net&hvsid=00001694548723013013975226887248&rc=0&rand=1694548723390&acid=8c00c0b17caffe7265f56e8fe39670cc&matm=1694548723390&vgd_ltimesrc=1&vgd_ltime=694&vgd_rtime=692&vgd_etm=8&vgd_l1hcsd=Og4dd%7C5989&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&vgd_l1ch=1&vgd_lhl=1254&vgd_pgid=p1546313325t202309121958&vgd_csip=rtb-common-ccdf8f4fd-6qjbb.BE&vgd_sbSup=1&vgd_nrrs=18601&vgd_cdv=1073&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_matchstr=bcat%3Dg%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2599&&kkdd=A!%7C3%7C9Hn*A&666=K.D6Pwa9tu)bZE*0xvkEaE33tfYq*wqi&F-=.ZPA0ARzcccc90*Z0.A&VuKq=.&6NKQ=*&_uF=.*z9&7N_w=lc0A&_-u=RDaUAW3WZ&_K_u=Hu06ubuzDDh6Xibqjfq_-8%3D%3D&_q-u=RZ9990.9Z&N-Cw=.Z*(Z**&__=D1&N_=o1&_2B6=1GbWjEM&K-u=R5jby1eoM&7K-u=i.X9ZZR&277KN=.&qqq=NDkiXzvJKQUn-*0v*-g0IhhKBE.U)-WJM!KTUhwraR_%3D&BNw=0&Jf=.&TVu=A&Qu7.=RDa3xxza9&Qu7c=cc9z9A9AZ&nuQ7Q=mn(YJwB%3D..z.mn2K%3D*mn-u%3D*4*c*mn(YQB_wN7tq%3D.RI9sc*I9mn(YQNB%3D99*9mn(Yw(K%3D*mn(YV-BNT%3D*mn(Y-B76u%3D*mn(Yq2%3DAzyX8K!R1Lmn(YqK_%3D**.***.mn(YN-Cw%3D.Z*(Z**mn(Y76Q(%3Dc0*mn(Y76JYNTvv-(%3D%2Fm_-7r%3DLXlWjEiI3abIlGa3GEEXm_)YvJ%3D*mu_%3DV_KIwTIfwN7.Inmu66Yu.%3D*mu66Yu.*%3D*mu66Yu.c%3D.mu66Yu.A%3D*mu66Yu.0%3D.mu66Yu.Z%3D9mu66Yu.z%3D*mu66Yu.R%3DR0mu66Yu.P%3D***.mu66Yuc%3Dimu66Yuc.%3DI.mu66Yucc%3D*4*.mu66YucA%3D0mu66Yuc0%3DuwvYuwvmu66YucR%3D0mu66YucP%3D*4**mu66Yu9%3D*mu66Yu9*%3D*mu66Yu9c%3D*mu66Yu99%3D*mu66Yu9Z%3DEGmu66Yu9z%3Dimu66YuA%3D.*mu66YuA*%3D*mu66YuAc%3D*mu66YuA9%3D*mu66YuAA%3DKqtumu66YuA0%3D*mu66YuAZ%3Dbmu66Yu0.%3D*mu66Yu0c%3D*4**mu66Yu0Z%3D*mu66Yuz%3D*mu66YuR%3D*mu66YJ%3D*4*.*mu66Y6.%3D*4**Pmu66Y6.*%3D.4***mu66Y6..%3D*4PZzmu66Y6.c%3D*4*Rcmu66Y6.9%3D.4***mu66Y6.A%3D.4***mu66Y6.0%3D.4*.*mu66Y6.Z%3D*4*Rcmu66Y6c%3D*4.czmu66Y6c.%3D.4***mu66Y6c9%3D.4***mu66Y6cA%3D.4***mu66Y6c0%3D.4***mu66Y6cP%3D.4***mu66Y69%3D.4***mu66Y69*%3D.4***mu66Y69c%3D*4*.*mu66Y69A%3D.4***mu66Y69P%3D.A4***mu66Y6A*%3D.A4***mu66Y60%3D.4***mu66Y60c%3D*4RP*mu66Y609%3D*40**mu66Y60A%3D04***mu66Y600%3D*40**mu66Y60z%3D.4***mu66Y60P%3D*4c9Rmu66Y6Z%3D*4c9Rmu66Y6z%3D*49AAmu66Y6P%3D.4***mu66Yq%3D*4*RcmwYqK6%3D*4**PmwqK6%3D*4**Pm2_%3D*%20%2B%20*m-2Q%3D*m-7rKw%3DGyOmqY__%3DD1mqY-K%3DR94zZ4.cP4*mqYN_%3Dpymqnt%3D0Y9mqwvY_B7%3D*mNwJJwqY7QVY-u%3DQNf-v7Y*Y2tN7mN7u%3DQNf-v7Y*Y2tN7mFnq%3D*mF-N-n-J-7r%3D.m_nuK%3D*4*.Am-7rKwY-u%3D.zmNwJJwqY7QVY-u%3DQNf-v7Y*Y2tN7mNTKKJrY7QVY-u%3Dmuw7w_7wuY7QVY-u%3DQNf-v7Y*Y2tN7mF-wfQn-J-7r%3D*4RPmKtN%3D.mQ_Y7rKw%3D.mQunJ)%3D.R.ccz.R*AmQ6K%3D.mtVn-u%3D*4*c*mnvJq%3D*4*.*mNT-u%3Dmu7_%3DwTYnwmu66YwqK6%3DvQJNwmu66%3D2Qq6tBrmnuK_QKu%3D*muQJV%3DuwvQTJ7mNtnK%3Dm(-u%3DGyOIKTnIz.9PzZPAcRZ*zAc9m276J%3D.mQuYKtN%3D%7B%227%22%3A*%2C%22K%22%3AA%7Dmu_T7%3D9*mutVn%3D*I.mw_KYTNwu%3DnwJtfYg0*mw_KYK0*%3D*4zRPA9mw_KYKz0%3D.4A09ZZm-n_%3D.m&B7F=*&-f=*&-Bevq=.&nuqeu=AZc&6_v=ZP0*Z&ruNKq=.&nQw=LAQECEQ%2FVV&)Q7Kqw=.&)Q7n-u=I.*9&_Qut6Q-B=7CbI2l_JIlI132EAcITTvuB0jO2c-D*EZgu9crAe3_!pj1!Y)r!tCV%3D%3D&-N-u=0&QuF=eBFwN7tq%20Ut_TN&KV-u=K.0AZ9.99c07c*c9*P.c.P0R&NNJu=%7B%22NN-K%22%3A%22R94zZ4.cP4*%22%2C%22NN__%22%3A%22D1%22%2C%22NNN_%22%3A%22py%22%2C%22NN_7r%22%3A%22JQTNQBBw%22%7D&Kwqv=.&276JNq_=.&ure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Tue, 12 Sep 2023 19:58:43 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 12 Sep 2023 19:58:43 GMT
truncated
/ Frame 1A92 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b1d5ad14fe5b55e92db8ac4157611683f1bc4a2c1509fdadcdeabdf5df2abd4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 52A1 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 52A1 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 52A1 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 1A92 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cpl6J8cIAZcTmNpeA78EP_5SdyAKX5Zq3Yo62vv3nC8CNtwEQASAAYPWFgICUBIIBF2NhLXB1Yi03MTM5NzY5NDI4NjA3NDIzyAEJqAMByAMCqgTjAU_QQjgIZCrqvjg1IlVIaBRaVsHa4uAhvmwj81qctpb1apDsQJIK7ig3ECMneoK7rYSvYDDx2gNa248vgNjfv1o6W3iz3FMm4slrsmxck3K5xLIaZrwPcOZGwB3-xNn93jpK5KyiyEZ10QHTgxoS4WR3ir06RMsdr8GlWQ1DVbIUoSaGpb2GDw1-ozCfsZyOWT6jFgaB_fMtbphjZELWrFMTCjoVUaPGkDZadTORMY9QJKm303Sq0A7XBkGWhaVu6K5CkqnY0EONi7qADuGlTvWb4OikA5ZPL-tcwmJb_GqiHNISgAaqn4vpibTu0MYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03MTM5NzY5NDI4NjA3NDIzGAA&sigh=mKu3XzEWAeE&uach_m=[UACH]&cid=CAQSGwBpAlJW9RA0R2GKyKJUY1fpZMvFJt8Eq0OkdxgB&cbvp=2&vis=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230911/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Sep 2023 19:58:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Sep 2023 19:58:43 GMT
log
hblg.media.net/ Frame 1A92 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAAUDIxNTY2MzU2MTMwNjI0XzE4NjQ3NzY2ODdfMjIzNzM0MzQ2MTQ2MjFAOGMwMGMwYjE3Y2FmZmU3MjY1ZjU2ZThmZTM5NjcwY2OcB3sUrkfhepQ_MGh0dHA6Ly9zcXdvcmwuY29tLzVkN2xzZARDSICE5LQK5AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYUc3F3b3JsLmNvbRI4Q1VTV1c3VTMIDjE2MHg2MDAKMC4wMTQKZXVfYmUGQURYCAhudXJsAAAAAAAAQFZAvIXMr9FiAjEAAAAAAADwvzpydGItY29tbW9uLWNjZGY4ZjRmZC02cWpiYi5CRT4xNzAwMDgwODA3NjgzMzAwMTYwMDYwMDAwMDU5NTAwAhBmNjYyYWEwNwJiAg&cbvp=2
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:43 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Sep 2023 19:58:43 GMT
log
qsearch-a.akamaihd.net/ Frame 1A92 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=8c00c0b17caffe7265f56e8fe39670cc&algo=default&bdp=0.0200&bidfp=0.0100&capd=0&cc=CH&cid=8CUSWW7U3&crid=223734346&ct=lausanne&dc=eu_be&dfpbd=0.0144&dn=sqworl.com&iwb=1&ogcbdp=0.0200&other_bids=0.02&other_prv=462&pbshr=100.0000&prdp=0.0144&requrl=sqworl.com%2F5d7lsd%2F&sat=1&sc=VD&sc_pvid=462&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=8131620&ugd=4&ver=9.6.1&cliIP=1397522688&time_stamp=2023-09-12%2019%3A58%3A42&seat=462&itype=adx&req_id=CZcEL2Gdmjy6SukYmth1qw&dim4=exploration&dfp_bucket=0.0&level_base=0&bdp_bucket=0.0&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&br_ver=89.0.4389.72&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_adx_2-cid_0&ogerpm=0.0000&ogerpm_used=false&rawbid=0.0200&totalTimeBucket=8&as_cache=1&sub_bidder=0&current_day=2.0&current_hour=19&cut=28&floor_bucket=0.00&model_version=202309111343_generic_adx_2-cid_0&erpm_bucket=0.00&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.8900&stid=aswift_0_host&pvid_seat=462_462&ckfl=0&mnckfl=0&sd=0&predicted_wr=62.546&bdp_wider_bucket=1&adblk=1812271804&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=30&dmm_d36=NA&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&dmm_d22=0.01&bdmm_m5=1.0000&bdmm_m6=0.2380&bdmm_m7=0.3440&bdmm_m12=0.0820&dmm_l=0.0820&dmm_r=0.0820&e_rpm=0.0090&bdr_typ=2&url_l1=5d7lsd&clisp=rtb-common-ccdf8f4fd-6qjbb.BE&dmm_m1=2023-09-12%2019%3A58%3A42.016336410&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss_d1=0&ss_d2=0&dmm_m22=0.0000&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300160060000059500&erpm_mult=1.000000&zone=b&rc=-1&ecp_p50=0.78943&ecp_p75=1.45366&ecp_avg=0.68351&ecp_status=Success&ecp_used=below_q50&ecp_rtime=5523.0&sfm_key=mowx_System_462&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-8559dfd58b-hkdj2&rel_cut_bkt=55&ecp_ver=default&djvm=9.5.8&cbvp=2
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Sep 2023 19:58:43 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 12 Sep 2023 19:58:43 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230912-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Tue, 12 Sep 2023 19:58:43 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
714
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230121-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1694548724.710582,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
62
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
5577
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230912-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Tue, 12 Sep 2023 19:58:43 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
9425
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-eddf8230121-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694548724.710580,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
48
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
11414
/
pips.taboola.com/ 		4 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://sqworl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230121-FRA
date
Tue, 12 Sep 2023 19:58:44 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
http://sqworl.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
bqi.php
lg3.media.net/ Frame 0BA9 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2449&lf=3&&vgd_hb_audit_1=8CUSWW7U3&vgd_hb_audit_2=223734346&vgd_tsce=L254&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=1073&vgd_cage=0&vgd_rensize=160_600&vgde_bdata=~G-MjJzvuuhh~GwEv9~G8Ov9.9F9~G-M1zNJQ7mLvuWoA*f9oA~G-M1QzvAA9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvuF9-F99~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vR4TcaI_obPDoTKPbKII4~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvWX~OYYMOuiv999u~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9f~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9fi~OYYMYuv9.9fi~OYYMYu9vu.999~OYYMYuuv9.iFh~OYYMYufv9.uiW~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9u9~OYYMYuFv9.u99~OYYMYfv9.uHF~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAivuH.999~OYYMYH9vuH.999~OYYMYXvu.999~OYYMYXfv9.Wi9~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXiv9.XhX~OYYMYFv9.XhX~OYYMYhv9.AHX~OYYMYivu.999~OYYMLv9.u99~JMLEYv9.9fi~JLEYv9.9fi~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNv%3Dq~LM8EvWA.hF.ufi.9~LMQNvsDVRaPDZ~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~Q7Ov1QB8k7MAMwmQ7~eGLv9~e8Q8G8j875vu~NGOEv9.9AW~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MAMwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9A~1YEvu~myG8Ov9.9F9~GkjLv9.9u9~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~QmGEv~-8OvKrtoExGohuAihFiHfWF9hHfA~w7Yjvu~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~ONx7vAX~OmyGv9ou~JNEMxQJOvGJjmBM%20X9~JNEMEX9v9.W9WAh~JNEMEhXvu.fhXWW~8GNvu~&vgd_lbt=1000&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CUF4MSM6&crid=863335136&rrr=sCGTE7flpaFbi05f0iq5-KKpnN1FkiMlYjpuFKeyU8c%3D&requrl=http%3A%2F%2Fsqworl.com%2F&vi=1694548722607621321&ugd=4&cc=CH&sc=ZH&bdrid=462&subBdr=99&startTime=1694548722930&l1ch=1&l1hcsd=l1!Og4dd|5989&mmm=p1Cm9eU3odkR6N05WfGNUNSSow_r0erT&sttm=1694548722936&upk=1694548723.10360&hvsid=00001694548722936013975226885243&acid=f80c06afc835c083aa169df1f510a78f&verid=3111299&infr=1&twna=1&stime=1694548722683&tsrc=entity&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1694548722174411083&vgd_sc=ZH&vgd_ecrid=1700080807683300160060000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p1546313325t202309121958&vgd_pgids=1&vgd_end=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Tue, 12 Sep 2023 19:58:44 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 12 Sep 2023 19:58:44 GMT
log
hblg.media.net/ Frame 0BA9 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAZjgwYzA2YWZjODM1YzA4M2FhMTY5ZGYxZjUxMGE3OGaUqa_VAZwHBENIFHNxd29ybC5jb20SOENVU1dXN1UzGmFzd2lmdF8zX2hvc3QOMTYweDYwMApldV9iZQQyMwZBRFgSOFBSMTEzSkdDBjQ2MgAaYXN3aWZ0XzNfaG9zdAIwOnJ0Yi1jb21tb24tY2NkZjhmNGZkLTVweGhuLkJFPjE3MDAwODA4MDc2ODMzMDAxNjAwNjAwMDAwNTk1MDACMAAiABBFWENIQU5HRQICYg&evttyp=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:44 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Sep 2023 19:58:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BA9 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu623MI53TsFrUk9ZV4uryqlBDcwtN3wGQSC70OXW11_yFNTiyYtgi7d-Gne2ZDZHqFzNJ6FVygdWQAytAOMH7qYpP36mf0Kus9dG50&sig=Cg0ArKJSzP2k1AmwJS0lEAE&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1694548722674&rpt=546&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
lg3.media.net/ Frame 1A92 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUF4MSM6&vi=1694548722223506514&hvsid=00001694548723013013975226887248&cdv=1073&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=336&l2s_downloadTime=6&l2s_total=342&l2s_start=328&l2s_sslTime=0&l2s_trfSize=28.5&l2s_decSize=73.1&l2s_encSize=28.2&l2s_nhp=h2&l2s_host=contextual.media.net&bql_total=66&bql_start=375&bql_host=lg3.media.net&l1s_dnsTime=0&l1s_connectionTime=0&l1s_waitTime=203&l1s_downloadTime=12&l1s_total=216&l1s_start=9&l1s_sslTime=0&l1s_trfSize=36.9&l1s_decSize=96.7&l1s_encSize=36.6&l1s_nhp=h2&l1s_host=contextual.media.net&gdpr=1&mspa=0
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Sep 2023 19:58:44 GMT
Strict-Transport-Security
max-age=21600
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 12 Sep 2023 19:58:44 GMT
bqi.php
lg3.media.net/ Frame 1A92 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2483&lf=3&&vgd_hb_audit_1=8CUSWW7U3&vgd_hb_audit_2=223734346&vgd_tsce=L254&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=1073&vgd_cage=0&vgd_rensize=160_600&vgde_bdata=~G-MjJzvuuhu~GwEv9~G8Ov9.9f9~G-M1zNJQ7mLvuWoA*f9oA~G-M1QzvAA9A~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u999u~G-MQ8lJvuF9-F99~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vR4TcaI_obPDoTKPbKII4~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvWX~OYYMOuiv999u~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9u~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9u9~OYYMYuv9.99i~OYYMYu9vu.999~OYYMYuuv9.iFh~OYYMYufv9.9Wf~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9u9~OYYMYuFv9.9Wf~OYYMYfv9.ufh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAivuH.999~OYYMYH9vuH.999~OYYMYXvu.999~OYYMYXfv9.Wi9~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXiv9.fAW~OYYMYFv9.fAW~OYYMYhv9.AHH~OYYMYivu.999~OYYMLv9.9Wf~JMLEYv9.99i~JLEYv9.99i~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNv%3Dq~LM8EvWA.hF.ufi.9~LMQNv%2Fr~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~Q7Ov1QB8k7M9MwmQ7~eGLv9~e8Q8G8j875vu~NGOEv9.9uH~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.Wi~EmQvu~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.9f9~GkjLv9.9u9~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv~-8OvKrtoExGohuAihFiHfWF9hHfA~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vA9~OmyGv9ou~JNEMxQJOvGJjmBM%20X9~JNEMEX9v9.hWiHA~JNEMEhXvu.HXAFF~8GNvu~&vgd_lbt=5&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CUF4MSM6&crid=863335136&rrr=sCGTE7flpaFbi05f0iq5-KKpnN1FkiMlYjpuFKeyU8c%3D&requrl=http%3A%2F%2Fsqworl.com%2F&vi=1694548722223506514&ugd=4&cc=CH&sc=ZH&bdrid=462&subBdr=99&startTime=1694548723008&l1ch=1&l1hcsd=l1!Og4dd|5989&mmm=p1Cm9eU3odkR6N05WfGNUNSSow_r0erT&sttm=1694548723013&upk=1694548723.12252&hvsid=00001694548723013013975226887248&acid=8c00c0b17caffe7265f56e8fe39670cc&verid=3111299&infr=1&twna=1&stime=1694548722707&tsrc=entity&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1694548722138453610&vgd_sc=ZH&vgd_ecrid=1700080807683300160060000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p1546313325t202309121958&vgd_pgids=1&vgd_end=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Date
Tue, 12 Sep 2023 19:58:44 GMT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Tue, 12 Sep 2023 19:58:44 GMT
log
hblg.media.net/ Frame 1A92 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=Ae4FMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwARAOGMwMGMwYjE3Y2FmZmU3MjY1ZjU2ZThmZTM5NjcwY2OUqa_VAZwHBENIFHNxd29ybC5jb20SOENVU1dXN1UzGmFzd2lmdF8wX2hvc3QOMTYweDYwMApldV9iZQQyMwZBRFgSOFBSMTEzSkdDBjQ2MgAaYXN3aWZ0XzBfaG9zdAIwOnJ0Yi1jb21tb24tY2NkZjhmNGZkLTZxamJiLkJFPjE3MDAwODA4MDc2ODMzMDAxNjAwNjAwMDAwNTk1MDACMAAiABBFWENIQU5HRQICYg&evttyp=1
Requested by
Host: sqworl.com
URL: http://sqworl.com/5d7lsd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.224.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-224-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:44 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Sep 2023 19:58:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A92 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxxjv9wyDhJz2Ejp0Bdhv4ouqmZV0yeHPLZfD_5apPRi0-_aNXyB7yYZPtoVP1E0KhjHk85OUlkpwM6N6-eThtUT7BU2RqAPMc0pdz&sig=Cg0ArKJSzCV8Oep7-2h3EAE&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230911&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1694548722699&rpt=545&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 19:58:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| html5 object| Modernizr function| yepnope object| _iub object| adsbygoogle function| $ function| jQuery string| groupID function| openall string| GoogleAnalyticsObject function| ga function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter object| _taboola object| __twttrll object| twttr object| __twttr number| PIN_19612 object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| PIN_1694548721326 string| value object| key object| PinUtils object| TRC function| _typeof object| _tblConsole undefined| msg object| dataLayer function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| placementData function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| googletag object| __buffer object| google_llp function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray

9 Cookies

Domain/Path Name / Value
sqworl.com/ Name: PHPSESSID
Value: llv86196voatsj65k4i2co2s17
.sqworl.com/ Name: _ga
Value: GA1.2.404129918.1694548721
.sqworl.com/ Name: _gid
Value: GA1.2.359994503.1694548721
.sqworl.com/ Name: _gat
Value: 1
sqworl.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D4332f91b-65ff-4324-bba8-21899423b1e0-tuctbfa4871
.sqworl.com/ Name: _ga_HVD4KN0Q8F
Value: GS1.2.1694548721.1.0.1694548721.60.0.0
.sqworl.com/ Name: __gads
Value: ID=9f15b204eea3d18c-22522ceb6ede0067:T=1694548722:RT=1694548722:S=ALNI_MYx03OI5mIAmNQ8zlpWRR32CXfQag
.sqworl.com/ Name: __gpi
Value: UID=00000c741c8a7dcf:T=1694548722:RT=1694548722:S=ALNI_MasZdlNOroc8FUqJUd1nhvcWHvJEg
.doubleclick.net/ Name: IDE
Value: AHWqTUm_EdsOIXblD0bICHKCAZ2s0zU_NQp7HvDGYeda2xDeTgaYJ4rF3IGUEGMVWis

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.pinterest.com
cdn.iubenda.com
cdn.taboola.com
ch-trc-events.taboola.com
connect.facebook.net
contextual.media.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hblg.media.net
image.thum.io
lg3.media.net
log.pinterest.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
platform.twitter.com
qsearch-a.akamaihd.net
r.skimresources.com
region1.analytics.google.com
s.skimresources.com
sqworl.com
stats.g.doubleclick.net
syndication.twitter.com
t.skimresources.com
tpc.googlesyndication.com
trc.taboola.com
warp.media.net
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.iubenda.com
104.123.44.23
104.236.103.127
104.244.42.8
108.177.15.155
141.226.124.48
142.250.185.174
142.250.185.196
142.250.185.74
142.250.185.98
142.250.186.129
142.250.186.131
142.250.186.66
142.250.186.98
146.75.116.84
151.101.1.44
151.101.64.84
151.101.65.44
151.139.128.10
157.240.251.9
169.150.247.37
169.150.247.39
172.217.16.194
172.217.18.10
172.217.18.3
178.250.1.11
192.229.233.25
216.239.32.36
216.58.206.40
23.216.77.36
23.35.224.23
35.190.59.101
35.190.91.160
35.201.67.47
52.222.214.46
93.184.220.66
95.101.148.20
00ec85c0cc06a8b7b7a6414d218d2b5c80b4c8d5e65a1fee03b9a48ed1c232d2
06ec94c6f183b0450ee88b453cc5dcf08708d666c87a76c6d48dda51b0d6886a
06f1bd029bb57ef9b4aace3a36a730983913dee2d416b55cae48dc435e20c765
08443e683a660e169a422c4cd20d7d2a478439ff5a6906050915f2387b68b2f4
0889308c17c381d319d123a50a0aaafa256f57c667e1309510a90311edf404eb
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0ab2c579bd57b649954d98baba35a7a9cdab64b8e0f6884ef19d82ab2c3dd158
0bda864afbffb20a6b73690725ba43bff5c701fd29bb02bd3dcce2c00bacde9b
0c4a1f78c32fa975cccbc35ac2fc2cf186506b408f3256f039d820e456597de0
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13f69fb9d246edd6b451b2b31124dcf540a2612bb5b5ddf0be757e812cb03525
15c390fc54814643250ccf0ab0530dcf3c0b86e6293b46c3e55fa861c4bd394e
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1ab792c83fc80e65cc1af465f47a72c4313366381ca8efde6aef1359f6cf83cf
1b1f73e179c24870a8c0637a9742bd3dfd86ca76767a0a2cd3f11293219dce2b
1f02861111cc7739ffb33ad5dacdd437a04d8bf2a49a1112e3bf2a736d0ef0bf
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
22da01693f4a80c11dbf4f02d3ecc9a0f0cf9a000f7d72ff0b40e475f4fa0eec
296021c91b01be4129994cf73621317625b7a80eaf234241408fa85cb5c54902
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3883953ece04ad3f10b29882c2d75b7dfed7c4fc3a2505063b78cb6549038645
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3a585399acea802506b248a0f83926def3bc57198d35a8e48dadd149c556f2b1
3aec2b233c010f1f2213ecf8360d509f3eeca34f69d162335aefa01fe0035e2f
3bb4df49a9ede837dbe5a1945719ec3345b1b5d87f723560a881f139c582a8a2
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
46e5365ad8d0b582339cfdcdb3c58df70a9b6f042b29545090b5ad192fcfc31f
4ce9f81b56777ca98376cd7e29fe960ae0bde99fe0c4824cbd1bc4227f5794d1
51c60c57165865a8c04a1afba57c11cab765efc756c408b891cea04574ef5b2c
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5b1d5ad14fe5b55e92db8ac4157611683f1bc4a2c1509fdadcdeabdf5df2abd4
5e239003ea3b13d6986a72547609b55de0f30b600e6e71fbc8978476f7f08a07
67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952
6979988bde92592ac03e75f4b110934f4b8f17a0d9ec0b38406d85cfbcb8b12c
78071da13246f39ba3a497e432cbbebe9148fed51d4e61a06601630ed161229e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
804c35a73c2bd855a210967fd730d2f644992e5e6da6f806db9222d1404b120a
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
8a420a49be88aa874eca839048a4b6f33ddb4d1067bc4e3961636ca0715aa01c
94df1760fae1e5ec8c648744e5f7b4f22b21383b9e3f219becc64191d9baff58
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9b014953d4912ff90b6821e5f8949941e60fdc5d30badf7aecb660b617f99ad1
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
ac1aee30854f122612352afc6983bb155ad77cb3b790d188e3eefcd5e137e153
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afec3f17cba6217cc5a0353cf739bddf81ffc1a9d02783c7ce6f593436ebdaea
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b5fc8bbd9e6c8c100bab61f9f725cbf7fdd41ac27429ed8b5ddafbe619084e44
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c9ce932a23de6195c13355d37d42ed655a4a8ad66a66c1754e442577c1d7e407
cc474fed0d86d83941b17c1544f2f8aa03a828763c002131dccd7d17d0c74107
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d5e7d7480f5f79ef3fead301dcf49022894752e12e3c3f5a03ba09d162c4b641
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfbc283c88af460780a5369c1affade5b5b27a97a9663b1a5484c4dacaccb354
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65924215524ab5ecc9cf5370aab6a8296fdb74c463022dd2b970b8a41232464
ed9afdf43a0056c59023d00bab1de18189dbe138e6bccf7ce470c4034f60aaf3
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd4ae80092c8345f01a795ce02311a8344603761183e6b5cb8a8792ec58cae7
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf