Submitted URL: http://fivesjs.skipser.com/
Effective URL: https://fivesjs.skipser.com/
Submission: On January 05 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 2 countries across 16 domains to perform 67 HTTP transactions. The main IP is 147.182.249.38, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is fivesjs.skipser.com.
TLS certificate: Issued by R3 on December 29th 2023. Valid for: 3 months.
This is the only time fivesjs.skipser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
409 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
82 KB
7 skipser.com
fivesjs.skipser.com
www.trex-game.skipser.com
154 KB
6 gstatic.com
fonts.gstatic.com
p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com
p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com
62 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1679
syndication.twitter.com — Cisco Umbrella Rank: 1999
148 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
3 google.com
www.google.com — Cisco Umbrella Rank: 6
863 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
129 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 770
137 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
89 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
15 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1695
257 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
85 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1219
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
37 KB
67 16
Domain Requested by
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com fivesjs.skipser.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 fivesjs.skipser.com 1 redirects fivesjs.skipser.com
4 www.googleadservices.com fivesjs.skipser.com
4 platform.twitter.com fivesjs.skipser.com
platform.twitter.com
3 www.google.com 2 redirects tpc.googlesyndication.com
2 p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com
2 static.xx.fbcdn.net www.facebook.com
2 syndication.twitter.com platform.twitter.com
fivesjs.skipser.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com fivesjs.skipser.com
2 connect.facebook.net fivesjs.skipser.com
connect.facebook.net
1 www.facebook.com connect.facebook.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.trex-game.skipser.com fivesjs.skipser.com
1 www.googletagmanager.com fivesjs.skipser.com
1 code.jquery.com fivesjs.skipser.com
1 cdnjs.cloudflare.com fivesjs.skipser.com
67 21

This site contains links to these domains. Also see Links.

Domain
www.trex-game.skipser.com
Subject Issuer Validity Valid
fivesjs.skipser.com
R3
2023-12-29 -
2024-03-28
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-28 -
2024-07-26
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
trex-game.skipser.com
R3
2023-12-30 -
2024-03-29
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-14 -
2024-01-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
syndication.twitter.com
R3
2023-12-11 -
2024-03-10
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 16 frames:

Primary Page: https://fivesjs.skipser.com/
Frame ID: F02DD98415B3ED7BB9A6C140084E0ABD
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Frame ID: EC0A6FC2B6B57A35A86ADD035445DCF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&adk=1812271804&adf=3025194257&lmt=1663183764&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772051&bpp=5&bdt=350&idt=379&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7713146617907&frm=20&pv=2&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=389
Frame ID: 36A73179AFD06FE8BD8EDEAAFE1EA484
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Frame ID: 6EFDFC4496B5A5B170656E5E7CF6B4B4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Frame ID: A5917F61DE19EDD0DF0880FD830DFEF6
Requests: 10 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ffivesjs.skipser.com
Frame ID: 91363F6C3669835C760917DF3241CE1E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/share_button.php?app_id=644661793233564&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9695c7f7a6284%26domain%3Dfivesjs.skipser.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffivesjs.skipser.com%252Ff189b2453bb6d74%26relation%3Dparent.parent&container_width=672&href=https%3A%2F%2Ffivesjs.skipser.com%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: 2CC971E3084DB88BE155DB0A001BE647
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: D65D70699303342512A9F3B560B896CA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0E7606008F065B6BCDBA53998F371E65
Requests: 2 HTTP requests in this frame

Frame: https://p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 0C94C0AB26383B086F55DF1E50FA5884
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3C472DFB5CE8DFBC2CF85F4235099737
Requests: 2 HTTP requests in this frame

Frame: https://p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 35F662F44EC45D58AE30B28B500777F8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 7A89175DE6B33BC7DF363F86C4DE2F85
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 5425B97D2EA4B7190DF6E937F6A0D61A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 46D37B0080E95EBB0A21AA6BF412059D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7169FF89D7B3EDA750BA9BE50E7B0B67
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Fives JS

Page URL History Show full URLs

  1. http://fivesjs.skipser.com/ HTTP 301
    https://fivesjs.skipser.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

97 %
HTTPS

74 %
IPv6

16
Domains

21
Subdomains

20
IPs

2
Countries

1380 kB
Transfer

9012 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fivesjs.skipser.com/ HTTP 301
    https://fivesjs.skipser.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 51
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 55
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CMggYpOKXZdXCHuDa1fAP7riUgA7Oo_qUdYmI1oOkEp7zwbKKDhABIO-o7osBYJXikIKgB6ABnK_7qALIAQKoAwHIA8kEqgTTAU_QL_djH1rPBPTdcu1C8_6r71e7s9fmqy3Q6HFIuIlH7QV8yVJZRL8OCaYmbyVACwrCQKxGct6RLrV8UHoRx0mpCuoMKfeBzSG-XQ4X9DkL-6Fw7XxHg9iWVfQEcm9mWmwUO_W_Aa2k4QDG09Ay8-GWMbcFJEtaCAO9EAdB6xcZfjtSPbgsdmI0ODhZsn9peKQaU3dSd20FFb8RBB5nLGWsUwyyRYxB0e83cRCHL98uz0V8n2U9yXP5v4mzWzGIrYjQhy_2yYyMxsxOux0H0zfDMdjABOuajZvNBIgFjsTI8U2SBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRCsxIoC0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliohqqwjcaDA5oJ5gFodHRwczovL3d3dy5oZXJvLXdhcnMuY29tLz9kZWxheWVkc2lnbnVwPXRydWUmbnhfc291cmNlPWFkeF9hZHdvcmRzZGlzcGxheS5od193Yl91Y18tLmNjLWRlLmctbS5hLTI1NTQuYXUtYWxsLm9wdC1wdXJjaGFzZTIuY29tLW5ld2FjLmNyLWxlZ2FjeWxvb3Q5OGEuY24tMzM2XzI4MC5scC1kZWxheWVkLmR0LWRpc3BsYXkuY2lkLTIwOTA3Njk2NjU0LmFnaWQtMTU4MTY1MzIzMTE1LmNzZC0wMzAxMjQuLYAKAcgLAaIMCCoGCgS7u7EC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTUyODkzMjE5NDE1OTc1MTEYAA&sigh=Frheb09rK5o&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_Hwo1KOd9DVjJ4j86f7w91ps29IAuiUepQ7gbRKG4Qxh3Lh0UF3b0XCJJVgE9-YrigdD_55_V2rn1fN6xUod3oe6Lf8St9wr3G_wYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225122670691811972809%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222789273374034305665%22}&andc=true
Request Chain 58
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CaquDpOKXZZ6jHrvI1fAPx-6quAKYtqv3dMmTl5ziEZ7zwbKKDhABIO-o7osBYJXikIKgB6AB1tva_ALIAQKpApjnTqE6L4E-qAMByAPJBKoE3wFP0Op9ZL8GdnHwXB0w5eAPRAsN5TDubCmm12jREKl9LFT6agtRdJx3nQbH6rAIiW3pILrhjBjVL3aHMA7WES27qjMdgApeaJOqqiYNs_IjA7XKmY0cVJ5FWjAI3J6sW20WvhQK6yy1-41zrciHiluTySDP2Fl3OhftzwR7i-K-3r0TtRwD_PDQnRlq53Qy--5g3OVxOQPUCtPFFF9Zw2Id1E1ksxUFvZW5lFY9CNCuMEbgwdxc2ylTM999LQnd2DuzegJqstAYeO9PG_SdXlInzRp8snGzbBRpIkjPGEuAwASalvrWyQSIBYaZzbFNkgUECAQYAZIFBAgFGASgBgKAB7br6swDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ5pB10ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlix6KmwjcaDA5oJIGh0dHBzOi8vdGhlYWJjbGVhcm5pbmcuY29tL3NoYXJlgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTUyODkzMjE5NDE1OTc1MTEYAA&sigh=1QwUWrMSUBw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_Of0NLCsFcJudCMQaXkb2biL7ISauU15uXwTuNLikDvpkMeWxDYZXTCY3obGiS6Uw7Q_AjwQDOzR5Sou5SYk3SrXf5SCJ9eJIh5EYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211043167542296567317%22,%22debug_reporting%22:true,%22destination%22:%22https://theabclearning.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226226996566677695665%22}&andc=true

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fivesjs.skipser.com/
Redirect Chain
  • http://fivesjs.skipser.com/
  • https://fivesjs.skipser.com/
10 KB
5 KB
Document
General
Full URL
https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
147.182.249.38 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.1 / Express
Resource Hash
4b4545ee77e9a4300e318d2074673c5a72f614f3aee0c43b75cf8febfdb5de16

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Jan 2024 11:06:11 GMT
ETag
W/"299c-1833d7a3c7a"
Last-Modified
Wed, 14 Sep 2022 19:29:24 GMT
Server
nginx/1.23.1
Transfer-Encoding
chunked
X-Powered-By
Express

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Fri, 05 Jan 2024 11:06:10 GMT
Location
https://fivesjs.skipser.com/
Server
nginx/1.23.1
html2canvas.min.js
cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.4/
192 KB
37 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.4/html2canvas.min.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba893425305488e76a3dae637e7d078a8005b9c53d66131cb428f2120cfa0336
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1304798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37253
last-modified
Wed, 29 Dec 2021 19:35:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61ccb892-9185"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zk089n6jHIKEdXOXGk5WL6%2BASeANkWL4rzBWVEM%2BMkEQBNSN2pPeGGtzzK2Y01jWyCHmYAPQm8P6o7TX8fgUCpl%2BUU0b9WDg3M%2B%2BCKKkNSmNY6gRZT8oNS9pnjaXWDchZkY%2FKPFKz1jo8Mt%2FZs1CKkTX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
840b401f4b2671d1-FRA
expires
Wed, 25 Dec 2024 11:06:11 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://fivesjs.skipser.com/
Origin
https://fivesjs.skipser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3850154
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230045-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1704452772.721592,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 2060324
js
www.googletagmanager.com/gtag/
244 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BN0GL614BJ
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d2caa8ee1da2d3bbea4938d7c0a0a0684a699d5a251894db2b4c2411b7c885f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86301
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jan 2024 11:06:11 GMT
54552a3dd3c3b752b36c.js
fivesjs.skipser.com/
135 KB
135 KB
Script
General
Full URL
https://fivesjs.skipser.com/54552a3dd3c3b752b36c.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
147.182.249.38 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.1 / Express
Resource Hash
351fa95562751dce794104819f7e6200c7390fb542c07e60260e98ab9a7b6e6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 11:06:11 GMT
Last-Modified
Wed, 14 Sep 2022 19:29:24 GMT
Server
nginx/1.23.1
X-Powered-By
Express
ETag
W/"21b31-1833d7a3c7a"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
138033
54552a3dd3c3b752b36c.css
fivesjs.skipser.com/
4 KB
4 KB
Stylesheet
General
Full URL
https://fivesjs.skipser.com/54552a3dd3c3b752b36c.css
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
147.182.249.38 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.1 / Express
Resource Hash
2f60eda7f1ba6695a87b6434f556c05553a0e8e06e7f0a9ace7520aa9e3a20be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 11:06:11 GMT
Last-Modified
Wed, 14 Sep 2022 19:29:24 GMT
Server
nginx/1.23.1
X-Powered-By
Express
ETag
W/"f3a-1833d7a3c7a"
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3898
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 11:06:11 GMT
Content-Encoding
gzip
Age
753
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (frb/674B)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5289321941597511
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
214086b743603d734e84240b6de2179e31e445229c26d91326822d8575c16a7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fivesjs.skipser.com/
Origin
https://fivesjs.skipser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51469
x-xss-protection
0
server
cafe
etag
16255714715439863968
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 11:06:11 GMT
play_trex.png
www.trex-game.skipser.com/
9 KB
9 KB
Image
General
Full URL
https://www.trex-game.skipser.com/play_trex.png
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
147.182.249.38 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
a2483b0e9a24938c0d13b7896441ae1d347467e7ce79e03121e4b5ceca20290f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 11:06:12 GMT
Last-Modified
Thu, 25 Aug 2022 22:49:53 GMT
Server
nginx/1.23.1
ETag
"6307fc91-24b2"
Content-Type
image/png
Access-Control-Allow-Origin
https://fivesjs.skipser.com
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9394
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
565a4af97c9384ad86fb4b453b895b3cb6357616d07a602e86e7f417442b8be2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fivesjs.skipser.com/
Origin
https://fivesjs.skipser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 11:06:11 GMT
content-md5
CbahfGjYxXwyFQfaSg+2uQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
EPveOXyFzaLpX4daNbRmQMw4Xt5vs+LWhAhAueDaWdCGBknXZ/z5cxV0itK1YMjToVkvz1B84Q1x+2hYi5AfNA==
x-fb-content-md5
1a99dd81f4235d0ea7aafb9676f9511f
cross-origin-opener-policy
same-origin-allow-popups
etag
"81262c0a5ada98fcb5bc0bf4c649f4b4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 05 Jan 2024 11:06:57 GMT
truncated
/
566 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ca7c6fba3ad150eb5a978fec7a31c496d31fc77fd01d146602227099ca4e5c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
645 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29d5360d9bf6371345b34c851c425f0f7806c1d48aec3cd553fae1f103772bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/
5 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:300,400,700
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/54552a3dd3c3b752b36c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d18eb3df91dedac8a747ab0b94010ee4e9a62c2469b0b4afd7e1527df8cc678b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 11:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 10:46:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 11:06:12 GMT
css2
fonts.googleapis.com/
1 KB
866 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=VT323&display=swap
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/54552a3dd3c3b752b36c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0d3ef139520233243274cdc34e72ad1f57d39c27768a236907fe89ca7fa0f77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 11:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 11:06:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 11:06:12 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/
403 KB
136 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5289321941597511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4305554e8b8b21effaef9da26969c386a52ce787bc4cbde6bb9d0cd8b47a5a25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139427
x-xss-protection
0
server
cafe
etag
18366978814221904817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 11:06:12 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame EC0A
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5289321941597511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fivesjs.skipser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 15:43:28 GMT
etag
9219409622527106327
expires
Thu, 18 Jan 2024 15:43:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/
38 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fivesjs.skipser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 20:10:54 GMT
x-content-type-options
nosniff
age
312918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39124
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 20:10:54 GMT
collect
region1.google-analytics.com/g/
0
257 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BN0GL614BJ&gtm=45je4130v877309728&_p=1704452771754&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1344377630.1704452772&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704452772&sct=1&seg=0&dl=https%3A%2F%2Ffivesjs.skipser.com%2F&dt=Fives%20JS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1568
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BN0GL614BJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 11:06:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fivesjs.skipser.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxiKyp0ihIEF2isfFJU.woff2
fonts.gstatic.com/s/vt323/v17/
17 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/vt323/v17/pxiKyp0ihIEF2isfFJU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=VT323&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fivesjs.skipser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:46:05 GMT
x-content-type-options
nosniff
age
307207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17668
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:50:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 21:46:05 GMT
e292088e6a94ab7a9ce0.mp3
fivesjs.skipser.com/
5 MB
0
Media
General
Full URL
https://fivesjs.skipser.com/e292088e6a94ab7a9ce0.mp3
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
147.182.249.38 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.1 / Express
Resource Hash

Request headers

Referer
https://fivesjs.skipser.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 05 Jan 2024 11:06:12 GMT
Last-Modified
Wed, 14 Sep 2022 19:29:24 GMT
Server
nginx/1.23.1
X-Powered-By
Express
ETag
W/"d0b6e3-1833d7a3c76"
Content-Type
audio/mpeg
Content-Range
bytes 0-13678306/13678307
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13678307
sdk.js
connect.facebook.net/en_US/
302 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c81bf7f0fa1905e572ed8d008621723b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e20952cd2b5012e889491bc48677fe0d3893d44caf82dc7eda4d395eeb602f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fivesjs.skipser.com/
Origin
https://fivesjs.skipser.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 11:06:12 GMT
content-md5
pmj7dTfC7ppjF2GWXgzq2Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88318
reporting-endpoints
x-fb-debug
WA5i3KZkhsuFbUMVuoDpuEHu/JoJ7bZ4XjrCd5sYpBHH3u5YuCibSQE1YtfffUMTcDkCmf779KpE7X1tky+iPA==
x-fb-content-md5
48de458ac18c966f6d16463394b46437
cross-origin-opener-policy
same-origin-allow-popups
etag
"28230ce512ae97528a61835b13885ce8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 04 Jan 2025 09:58:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 36A7
3 KB
779 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&adk=1812271804&adf=3025194257&lmt=1663183764&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772051&bpp=5&bdt=350&idt=379&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7713146617907&frm=20&pv=2&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=389
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
935460fe620d45d17d773c0c30c0e3060872e34e1c7fdf3615dbb6deb7224e9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fivesjs.skipser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
579
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:12 GMT
expires
Fri, 05 Jan 2024 11:06:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6EFD
103 KB
38 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4678b4bd0f1ba7c68cd09b521515bf24c211df6c0b8e531f4a9d1c6159ed0635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fivesjs.skipser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38910
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:13 GMT
expires
Fri, 05 Jan 2024 11:06:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A591
103 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4eb5f25f74a9af28e4e0418b3bb850c9130c9403b9bdb1d8006ac83107dc159c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fivesjs.skipser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:13 GMT
expires
Fri, 05 Jan 2024 11:06:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
highscores.json
fivesjs.skipser.com/cache/
157 B
478 B
XHR
General
Full URL
https://fivesjs.skipser.com/cache/highscores.json
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/54552a3dd3c3b752b36c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
147.182.249.38 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.23.1 / Express
Resource Hash
9037ceeec82875c419e686b67b2908c48ab7573570b5beb04dda955cb2924800

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fivesjs.skipser.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 11:06:12 GMT
Last-Modified
Tue, 02 Jan 2024 13:49:51 GMT
Server
nginx/1.23.1
X-Powered-By
Express
ETag
W/"9d-18cca701162"
Content-Type
application/json; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
157
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 9136
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ffivesjs.skipser.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://fivesjs.skipser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2137462
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Jan 2024 11:06:12 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C0)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
share_button.php
www.facebook.com/v12.0/plugins/ Frame 2CC9
43 KB
15 KB
Document
General
Full URL
https://www.facebook.com/v12.0/plugins/share_button.php?app_id=644661793233564&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9695c7f7a6284%26domain%3Dfivesjs.skipser.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffivesjs.skipser.com%252Ff189b2453bb6d74%26relation%3Dparent.parent&container_width=672&href=https%3A%2F%2Ffivesjs.skipser.com%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c81bf7f0fa1905e572ed8d008621723b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9485eaab706ef609f20dae228a291db95c57cd665c16f0b4edbccf54f818df75
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fivesjs.skipser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:12 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), keyboard-map=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
A+Atpp4xDxNp3Ba5JDZNlRqR3JOvKvSAvqAwFBm6bK+/fBzdH+RBXT7GgTHB/1zQ9p9AnmJ8ucTRvVQ+LF5ihA==
x-xss-protection
0
settings
syndication.twitter.com/ Frame 9136
869 B
657 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=3de972b03e8c7ec912a8dea5ebaad86d8e24d205
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ffivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time
110
date
Fri, 05 Jan 2024 11:06:11 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Fri, 05 Jan 2024 11:06:12 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
30cdca8d67d0c410
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
276b072bd39d5e8b6e369e05acf70066dfdeaeb34ed5860be0f1e441ba703131
content-length
337
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 11:06:12 GMT
Content-Encoding
gzip
Age
2137481
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (frb/674B)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame D65D
33 KB
13 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) /
Resource Hash
320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882

Request headers

Referer
https://fivesjs.skipser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2137477
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12332
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Jan 2024 11:06:12 GMT
Etag
"e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/674B)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/
43 B
127 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ffivesjs.skipser.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Skipser%22%2C%22widget_creator_screen_name%22%3A%22Skipser%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1704452772846%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=3de972b03e8c7ec912a8dea5ebaad86d8e24d205
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time
117
date
Fri, 05 Jan 2024 11:06:12 GMT
strict-transport-security
max-age=631138519
last-modified
Fri, 05 Jan 2024 11:06:12 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
2f494c7c8c613698
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
276b072bd39d5e8b6e369e05acf70066dfdeaeb34ed5860be0f1e441ba703131
content-length
43
truncated
/ Frame D65D
471 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 2CC9
272 B
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/share_button.php?app_id=644661793233564&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9695c7f7a6284%26domain%3Dfivesjs.skipser.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffivesjs.skipser.com%252Ff189b2453bb6d74%26relation%3Dparent.parent&container_width=672&href=https%3A%2F%2Ffivesjs.skipser.com%2F&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 05 Jan 2024 11:06:12 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
reporting-endpoints
x-fb-debug
IG/YOOby+Rty2EheFNWeD3JI7QNuiqLPcfLpms2VBlIS6rhCsRrWwMiawo68UJRkYMKxB8HqOpA5FJcKioyBfw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 04 Jan 2025 02:29:23 GMT
PFHD3KeL3JS.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yw/l/en_US/ Frame 2CC9
527 KB
136 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yw/l/en_US/PFHD3KeL3JS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/share_button.php?app_id=644661793233564&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9695c7f7a6284%26domain%3Dfivesjs.skipser.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffivesjs.skipser.com%252Ff189b2453bb6d74%26relation%3Dparent.parent&container_width=672&href=https%3A%2F%2Ffivesjs.skipser.com%2F&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dcdbf545ae25e66875064b67efde3ad28713b784292ffb1ae4f6155570558d54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 05 Jan 2024 11:06:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xb1tlPfHj70rJlhZTsUuqg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
139103
reporting-endpoints
x-fb-debug
cW1e7DYBrVygLb6NdiPmdsr9/OI6j6z5vaisQU0tpx61RtKRvFBd0oIC+Ckc1RbNZZkJwxKHGJQl20STQXC/pw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 01 Jan 2025 22:15:17 GMT
5657431062541401888
tpc.googlesyndication.com/simgad/ Frame A591
51 KB
52 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5657431062541401888?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnTxnHjTIbFavtNEYtM84u6siUwxw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63532211526245889b805b577a880c3a2aca68a7e9a78613ec62cd1b561726da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:02:06 GMT
x-content-type-options
nosniff
age
212647
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52475
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 16:48:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Jan 2025 00:02:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame A591
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
73607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:39:26 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0E76
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2194
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 10:29:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
redir.html
p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0C94
247 B
866 B
Document
General
Full URL
https://p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
9551487579c98fef00044b75ba7f6a6b89b8c751262a14ba5e2d1d7ee9d4481f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
202
content-security-policy-report-only
script-src 'nonce-TUWggkR2qWi0D66zpyottg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame A591
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
73768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:36:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame A591
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
73770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:36:43 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A591
204 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 11:06:13 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame A591
36 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e73556347f061bcbefdd907b2a377220818ea0c32808ca19c50ab2181df7a9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 17:38:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
62873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14809
x-xss-protection
0
server
cafe
etag
6453211018870451496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 17:38:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0E76
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:13 GMT
expires
Fri, 05 Jan 2024 11:06:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:13 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
17546672615584363876
tpc.googlesyndication.com/simgad/ Frame 6EFD
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17546672615584363876?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmY7A3C4FTEup_fUAUdFfRiDFAviA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e169b9ab02a6bb5de72068f95ca2ef850ea97caf6565a258c4cab7306727b50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 01:01:46 GMT
x-content-type-options
nosniff
age
295467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26578
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 07:18:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Jan 2025 01:01:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 6EFD
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
73607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:39:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 6EFD
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
73768
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:36:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 6EFD
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
73770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:36:43 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6EFD
204 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 11:06:13 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 6EFD
36 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e73556347f061bcbefdd907b2a377220818ea0c32808ca19c50ab2181df7a9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 17:38:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
62873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14809
x-xss-protection
0
server
cafe
etag
6453211018870451496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 18 Jan 2024 17:38:20 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3C47
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2194
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 10:29:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
redir.html
p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 35F6
247 B
866 B
Document
General
Full URL
https://p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
859b6499816d8a881b6acae7c5cd6aa0f3a7a5419aa198aab13bc662cedef9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
202
content-security-policy-report-only
script-src 'nonce-Pps57JatsfKN6rhhKD7SoQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A591
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34a4fe600104831e094f6715c21b6602dc7bed14a2ad84e4e3d03ae5b5d0a539

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3C47
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:14 GMT
expires
Fri, 05 Jan 2024 11:06:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:13 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
iframe.html
p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0C94
5 KB
2 KB
Document
General
Full URL
https://p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3f0d8dae266da0cae9e5feb4418657953ad7bdce3de1a0c66ab614ab53559184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1985
content-security-policy-report-only
script-src 'nonce-LPkuBlx-SRE1lcN7F7CAoA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6EFD
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d3a4f244ec51ab356892723dc33bfe19695e8ce3199e1ddaf924e6abf2c1bc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
iframe.html
p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 35F6
5 KB
2 KB
Document
General
Full URL
https://p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
b4a31e18e6354033d859e4392f147037ef0434f543f4286dac052d28ecd1db38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1985
content-security-policy-report-only
script-src 'nonce-6AqGqR4lDa5yl5petvl0Ig' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame A591
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CMggYpOKXZdXCHuDa1fAP7riUgA7Oo_qUdYmI1oOkEp7zwbKKDhABIO-o7osBYJXikIKgB6ABnK_7qALIAQKoAwHIA8kEqgTTAU_QL_djH1rPBPTdcu1C8_6r71e7s9fmqy3Q6HFIuIlH7QV...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225122670691811972809%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225122670691811972809%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222789273374034305665%22}&andc=true
Requested by
Host: fivesjs.skipser.com
URL: https://fivesjs.skipser.com/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:14 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"5122670691811972809","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["622778268"],"22":["true"],"4":["01-05"],"6":["true"]},"priority":"500","source_event_id":"2789273374034305665"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 05 Jan 2024 11:06:14 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 05 Jan 2024 11:06:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5122670691811972809","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["622778268"],"22":["true"],"4":["01-05"],"6":["true"]},"priority":"500","source_event_id":"2789273374034305665"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 7A89
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=7420539492&adk=262408115&adf=1886478599&pi=t.ma~as.7420539492&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772096&bpp=1&bdt=396&idt=356&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=357
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
52623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 20:29:11 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225122670691811972809%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222789273374034305665%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 11:06:14 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 6EFD
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CaquDpOKXZZ6jHrvI1fAPx-6quAKYtqv3dMmTl5ziEZ7zwbKKDhABIO-o7osBYJXikIKgB6AB1tva_ALIAQKpApjnTqE6L4E-qAMByAPJBKoE3wFP0Op9ZL8GdnHwXB0w5eAPRAsN5TDubCm...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211043167542296567317%22,%22debug_reporting%22:true,%22destination%22:%22https://theabclearning.com%22,%22event_report_wind...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211043167542296567317%22,%22debug_reporting%22:true,%22destination%22:%22https://theabclearning.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226226996566677695665%22}&andc=true
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:14 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11043167542296567317","debug_reporting":true,"destination":"https://theabclearning.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"22":["true"],"4":["01-05"],"6":["true"]},"priority":"500","source_event_id":"6226996566677695665"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 05 Jan 2024 11:06:14 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 05 Jan 2024 11:06:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11043167542296567317","debug_reporting":true,"destination":"https://theabclearning.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"22":["true"],"4":["01-05"],"6":["true"]},"priority":"500","source_event_id":"6226996566677695665"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fe051e50b78dc4365ea0e6faa4594ef0c995e6884fd6353a3158f13d08619a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12113
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 5425
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5289321941597511&output=html&h=280&slotname=3578138034&adk=4037986445&adf=3732599519&pi=t.ma~as.3578138034&w=336&lmt=1663183764&format=336x280&url=https%3A%2F%2Ffivesjs.skipser.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704452772080&bpp=1&bdt=379&idt=367&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7713146617907&frm=20&pv=1&ga_vid=1344377630.1704452772&ga_sid=1704452772&ga_hid=551347245&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=459&ady=821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320376%2C95320870&oid=2&pvsid=1378151212936518&tmod=967922337&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=dM%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=370
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
52623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 20:29:11 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211043167542296567317%22,%22debug_reporting%22:true,%22destination%22:%22https://theabclearning.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226226996566677695665%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 05 Jan 2024 11:06:14 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5289321941597511&plah=fivesjs.skipser.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 11:06:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 46D3
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fivesjs.skipser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5228
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 09:39:06 GMT
expires
Sat, 04 Jan 2025 09:39:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7169
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6c6370274136430e9ccb1daf798bfb7930a5193df19517d1bb47111febf2fb21
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-npdUrq9ePM2I2MshYweVXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fivesjs.skipser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-npdUrq9ePM2I2MshYweVXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 11:06:14 GMT
expires
Fri, 05 Jan 2024 11:06:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 46D3
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 09:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
5226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jan 2025 09:39:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7169
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240103&jk=1378151212936518&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 46D3
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?wqi-Kg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 11:06:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A591
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsut1kvD5wv8UlTpFJGjwTgbgFPpZ45N2Kx1ptgZCOeJrNpcwFoQ1rsxEPshuBJm0DCd7pmeQPUQNIkHY0MEkhDa2VybgzwNMeM3ojfCr2ipuNgifEOOfX0T4-KcHPxF9Zpy81Ik4qyO_pPYHdDvhjzWYw7N&sai=AMfl-YSYngNQ_1_1xbQcNPFZFEtk2wXAkIDWMZH-uWymaTFmVpkzYsaOAJuSxAUg0fJWOpd3g3LxwgkvwJ0T5AlI9wvt-zGrL2XIddCIg4TrTBEVYocnXJOKDrjk8mUnlc2MssVUt69LJ9bGjvWaHsu7PA&sig=Cg0ArKJSzCLol6K-ayPDEAE&cid=CAQSTwAvHhf_Hwo1KOd9DVjJ4j86f7w91ps29IAuiUepQ7gbRKG4Qxh3Lh0UF3b0XCJJVgE9-YrigdD_55_V2rn1fN6xUod3oe6Lf8St9wr3G_wYAQ&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=262408115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704452772454&rpt=1607&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 11:06:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EFD
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3BdnxzgmkbiQRLcDWm7ZlFtjOMf64GIZscyiR3sa6CPugTovNfr5X99W_A78zFEsiD2gAG4B_WQjpAi9Vq9Ugg7ovORGnDCjVn7LaemVeent4ARgKIHbCmzVCQmx7BGItEoqOb-rDSRZ-VHW9NH7on2v_&sai=AMfl-YQxbxhH9mO4zlEWvJv2CiUADAxld_nRqiciEJRPyRX4Ym5-oC5KbWkZV6gzcyjc3GZAHiKzKVVrFQw0jdOs-VokShw3mM7_1axSP09omgHiO066amnmFCHFgsZsKzjsIEsw9oacbgT_YiWTsGUcWw&sig=Cg0ArKJSzGyL8smPWY8IEAE&cid=CAQSTwAvHhf_Of0NLCsFcJudCMQaXkb2biL7ISauU15uXwTuNLikDvpkMeWxDYZXTCY3obGiS6Uw7Q_AjwQDOzR5Sou5SYk3SrXf5SCJ9eJIh5EYAQ&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=4037986445&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704452772451&rpt=1647&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 11:06:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240103&jk=1378151212936518&bg=!8fKl8r3NAAY3kmNgF5I7ADQBe5WfOGSYX0vZCphEDOLJl9tSqwZKgW3fNu8LwR_JfvtHmayWXrrhEtJSAJbYe06lRlHwAgAAADBSAAAAAmgBB5kCvXbB8GHeyEiV6G6fY9Jt1al9-_nu_5wE7_gAv21cGaMccKvJXlsrDmF5nuLMmysdpCSgyjWCkoJ7mD5yrB73JcBzQUz3lRHQ3SIBJl-t9oCWHf8dfpP64aj09_50kUXPTrm3NuCC_IVNUUYRNqVpZ6hAZDakZfI4eEPuD0dK-ZG-BqKhJgczHHXBicpYRVpLakfl9DHkLQfd9J-DERndVDdawzYvARQftkjcxEEibKjrEJjmqBHoFgja25AcXDpm7oos7_2ecHSjRgAMKHTRu7ApSoMjQNHeAJ1zvFzvEbDYfFsxRROYea8Q6e-wEGGar9-zyQ0167uQqIW6wCGQyStSXEJV0SmayxnX-pQEkjLRC9OcsowmQUPi0b_KFXSuR7VTiFoxLFKNE2RYz5qR-ZoxSRtr5YZcwRD7kXWeKLE7gFxC-vL8B_wriJYfqcplp_QzSunlp0otCA4WM9vYgjpx0yOEJI2nY7AcnaY4g7O6vRhorxAphmuMifRJ2LO2Sa0YBqTzkxH7HinKDiht-0x4bGvbT6UopsElgYK_9oH4Xo0bB7bmX_HnrAysjd8AxnQjyryZcMLB6R8G8Qh7poFprWNantfAqtDdjIS82a-6xMapBheKM5Jt_QWP3xAIOluo5Sx4y9iQojqrxBlBn3d-yR1vTnxw44SzfFr5tYKu4gPXRcz6aLverTz21J3f7xBoTj0d4T-e9rb_VWaKCzGU0THqEP57oamfkKMz-Edr4303T1VJk-vpOvCDLAvANcOU2WLlUo0FN-PNbHbajTF3DY818y1tss9MNuAbkyZg3WUgyoT-jAUCJEMkITZ7rJF0D-EBLbbGIlczGxv-bVtSmOozk9sbYBBknfU9OyCAzzeoMLS0oomAuPH8Tqq7_xg0DQXjiQj5NhQW5qnJjAzlsAPvcGmqZgG6pKQy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fivesjs.skipser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture function| html2canvas function| $ function| jQuery function| gtag object| dataLayer object| __twttrll object| twttr object| __twttr object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| shareScore function| fbAsyncInit object| FB object| __buffer function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.skipser.com/ Name: _ga
Value: GA1.1.1344377630.1704452772
.skipser.com/ Name: _ga_BN0GL614BJ
Value: GS1.1.1704452772.1.0.1704452772.0.0.0
.skipser.com/ Name: __gads
Value: ID=c853f85672b529b6:T=1704452772:RT=1704452772:S=ALNI_MbnWyDcPniGYrJ6STWlRYvvHiig5Q
.skipser.com/ Name: __gpi
Value: UID=00000cef287eaacf:T=1704452772:RT=1704452772:S=ALNI_Mb7zFE97qhY47Y1ux4R0DhuwVbtIA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmxQUixV0zjCiKeOXQXTadpvZ8HGv07SBNd4ZV2vE3cBMCFAedrtVL9qKm4_iU
.googleadservices.com/ Name: ar_debug
Value: 1

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fivesjs.skipser.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
p4-d62l6nzidehlo-4mmmflz3l7eulon7-if-v6exp3-v4.metric.gstatic.com
p4-fivoapjbes3s4-tguvt7kiwinop5tg-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
platform.twitter.com
region1.google-analytics.com
static.xx.fbcdn.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.trex-game.skipser.com
104.244.42.8
142.250.184.195
142.250.186.34
142.250.186.35
147.182.249.38
2001:4860:4802:34::36
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:180e
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::649
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fe051e50b78dc4365ea0e6faa4594ef0c995e6884fd6353a3158f13d08619a6
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1d2caa8ee1da2d3bbea4938d7c0a0a0684a699d5a251894db2b4c2411b7c885f
1d3a4f244ec51ab356892723dc33bfe19695e8ce3199e1ddaf924e6abf2c1bc1
214086b743603d734e84240b6de2179e31e445229c26d91326822d8575c16a7c
29d5360d9bf6371345b34c851c425f0f7806c1d48aec3cd553fae1f103772bc8
2f60eda7f1ba6695a87b6434f556c05553a0e8e06e7f0a9ace7520aa9e3a20be
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882
34a4fe600104831e094f6715c21b6602dc7bed14a2ad84e4e3d03ae5b5d0a539
351fa95562751dce794104819f7e6200c7390fb542c07e60260e98ab9a7b6e6c
3f0d8dae266da0cae9e5feb4418657953ad7bdce3de1a0c66ab614ab53559184
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
4305554e8b8b21effaef9da26969c386a52ce787bc4cbde6bb9d0cd8b47a5a25
4678b4bd0f1ba7c68cd09b521515bf24c211df6c0b8e531f4a9d1c6159ed0635
4b4545ee77e9a4300e318d2074673c5a72f614f3aee0c43b75cf8febfdb5de16
4eb5f25f74a9af28e4e0418b3bb850c9130c9403b9bdb1d8006ac83107dc159c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565a4af97c9384ad86fb4b453b895b3cb6357616d07a602e86e7f417442b8be2
5e20952cd2b5012e889491bc48677fe0d3893d44caf82dc7eda4d395eeb602f8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63532211526245889b805b577a880c3a2aca68a7e9a78613ec62cd1b561726da
6c6370274136430e9ccb1daf798bfb7930a5193df19517d1bb47111febf2fb21
6ca7c6fba3ad150eb5a978fec7a31c496d31fc77fd01d146602227099ca4e5c9
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5
859b6499816d8a881b6acae7c5cd6aa0f3a7a5419aa198aab13bc662cedef9c2
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
9037ceeec82875c419e686b67b2908c48ab7573570b5beb04dda955cb2924800
935460fe620d45d17d773c0c30c0e3060872e34e1c7fdf3615dbb6deb7224e9a
9485eaab706ef609f20dae228a291db95c57cd665c16f0b4edbccf54f818df75
9551487579c98fef00044b75ba7f6a6b89b8c751262a14ba5e2d1d7ee9d4481f
9e169b9ab02a6bb5de72068f95ca2ef850ea97caf6565a258c4cab7306727b50
a2483b0e9a24938c0d13b7896441ae1d347467e7ce79e03121e4b5ceca20290f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b4a31e18e6354033d859e4392f147037ef0434f543f4286dac052d28ecd1db38
ba893425305488e76a3dae637e7d078a8005b9c53d66131cb428f2120cfa0336
d0d3ef139520233243274cdc34e72ad1f57d39c27768a236907fe89ca7fa0f77
d18eb3df91dedac8a747ab0b94010ee4e9a62c2469b0b4afd7e1527df8cc678b
dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6
dcdbf545ae25e66875064b67efde3ad28713b784292ffb1ae4f6155570558d54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73556347f061bcbefdd907b2a377220818ea0c32808ca19c50ab2181df7a9d9
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e