pt.im Open in urlscan Pro
13.32.121.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pt.im/
Effective URL:
https://pt.im/
Submission: On April 11 via api (April 11th 2023, 1:53:13 pm UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 58 HTTP transactions. The main IP is 13.32.121.68, located in United States and belongs to AMAZON-02, US. The main domain is pt.im.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 14th 2022. Valid for: a year.

This is the only time pt.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	13.32.121.68 13.32.121.68	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
58	9

30 13.32.121.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-68.fra60.r.cloudfront.net

pt.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	pt.im pt.im	283 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	381 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	10 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2 Failed	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7832	696 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	698 B
0	Failed function sub() { [native code] }. Failed
58	7

	Domain	Requested by
30	pt.im	pt.im
9	pagead2.googlesyndication.com	pt.im pagead2.googlesyndication.com tpc.googlesyndication.com
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
0	resolve Failed	pt.im
58	9

This site contains links to these domains. Also see Links.

Domain
potato.im
twitter.com

Subject Issuer	Validity	Valid
*.pt.im Sectigo RSA Domain Validation Secure Server CA	`2022-12-14` - `2023-12-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://pt.im/
Frame ID: DBA8C35B6B6BD8A00EBEE18B1030DA33
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230406/r20190131/zrt_lookup.html
Frame ID: 777B92DAB3EE3A38ABC055A1AF188922
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3412308198192818&output=html&adk=1812271804&adf=3025194257&lmt=1681221186&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C356x675_r&format=0x0&url=https%3A%2F%2Fpt.im%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681221186159&bpp=5&bdt=986&idt=229&shv=r20230406&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1021315386494&frm=20&pv=2&ga_vid=1589208730.1681221186&ga_sid=1681221186&ga_hid=1304079914&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31073584%2C31073709&oid=2&pvsid=1728038394580585&tmod=898167998&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=247
Frame ID: 10A1F2E5DAD2548091E5B2338AE6BF18
Requests: 1 HTTP requests in this frame

Frame: pt://resolve?domain=potato&
Frame ID: F3316A033F71BE213508CA95C65FE52E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ECF0B54038904D2A4C52ACCC4567AFB1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38146BC9FC318874CBD3F6C39C0CA6C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230406/r20190131/zrt_lookup.html
Frame ID: 0274BBEFACC93E754526179198DDB22A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3412308198192818&output=html&adk=1812271804&adf=3025194257&lmt=1681221188&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C356x675_r&format=0x0&url=https%3A%2F%2Fpt.im%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681221187840&bpp=4&bdt=776&idt=246&shv=r20230406&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc35728e4bab1b3e6-2204ada48cdd00d4%3AT%3D1681221186%3ART%3D1681221186%3AS%3DALNI_MZDxnq8Ttk1F1uHKR2BoZxJbCHAAg&gpic=UID%3D00000bd3dc1f5a6b%3AT%3D1681221186%3ART%3D1681221186%3AS%3DALNI_MZxZRF-mMtFlZD3JAcH7kQqgsUfkA&nras=1&correlator=6183715550781&frm=20&pv=2&ga_vid=1483423276.1681221188&ga_sid=1681221188&ga_hid=1060738919&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31071756%2C44785295&oid=2&pvsid=117187549477159&tmod=1740001236&uas=0&nvt=2&ref=https%3A%2F%2Fpt.im%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=268
Frame ID: 069C9ECE91D06DDE59F568F84C138CA0
Requests: 1 HTTP requests in this frame

Frame: pt://resolve?domain=potato&
Frame ID: FA854F5253A7F210185FB785B3A2749B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2191F076117A35AD6338B4B9EC487E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F6A262076BC58DC7AD6ED6EDFB0DD40
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Potato

Page URL History Show full URLs

http://pt.im/ HTTP 307
https://pt.im/ Page URL
https://pt.im/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

93 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

676 kB
Transfer

1884 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://potato.im/
Title: HOME

Search URL Search Domain Scan URL

URL: https://potato.im/apps
Title: APPS

Search URL Search Domain Scan URL

URL: https://potato.im/api
Title: DEVELOPER

Search URL Search Domain Scan URL

URL: https://potato.im/faq
Title: FAQ

Search URL Search Domain Scan URL

URL: https://potato.im/privacy
Title: PRIVACY

Search URL Search Domain Scan URL

URL: https://potato.im/news
Title: NEWS

Search URL Search Domain Scan URL

URL: https://twitter.com/PotatoChatApp
Title: 

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pt.im/ HTTP 307
https://pt.im/ Page URL
https://pt.im/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pt.im/ HTTP 307
https://pt.im/

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
pt.im/
Redirect Chain

http://pt.im/
https://pt.im/

17 KB
5 KB

759ms
679ms

Document
text/html

13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pt.im/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-68.fra60.r.cloudfront.net

Software

openresty /

Resource Hash

536488071cde54195008c8ceec4dc17d4c22c9d441c670e03bbef210413741d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-language: en
content-type: text/html;charset=UTF-8
date: Tue, 11 Apr 2023 13:53:05 GMT
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: accept-encoding
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-id: WbGoXUcgT-MCqFN9Yav1sNa9hn65TyHZfx3qg1oC0xqcDaR3M75vFQ==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://pt.im/
Non-Authoritative-Reason: HSTS

GET
H2 200 bootstrap.min.css
pt.im/resources/vendor/bootstrap/css/ 141 KB
20 KB 344ms
343ms Stylesheet
text/css 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:05 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-235ed"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: uEf59C3i7Lh_Pz0SUWG0nNW2J3IQ7jSlyINxBK32tuOILK-6HX7sLQ==

GET
H2 200 main.css
pt.im/resources/css/ 42 KB
8 KB 662ms
662ms Stylesheet
text/css 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/css/main.css
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 334f42299e3341c64ac6c5a7523fe28128769110d0beb4b48a651a49ced6ee87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:05 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Thu, 22 Sep 2022 10:42:30 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"632c3c16-a993"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: xm14XR7uH5109Vc-ooqjGEUSRxrbzJx9iZClxZlRVH6u_m0lIZRxWg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 120ms
67ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pt.im
URL: https://pt.im/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6053713edc723ab707193f41317f76a0be0d334effacdfc5818120af2f36ef51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47948
x-xss-protection: 0
server: cafe
etag: 13350837220827084189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 13:53:06 GMT

GET
H2 200 upload.css
pt.im/resources/css/ 5 KB
2 KB 657ms
656ms Stylesheet
text/css 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/css/upload.css
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 7e6ed42f185d84bef1f103d48c659ea7668208c965fce243df60fef2faeecb56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:05 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-1598"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: TXlM6JiwqZNU_96vEMH0nc-xjvSxeioQKemoN-I7NT2CMfdYqht3cA==

GET
H2 200 uploadImg.js Show response
pt.im/resources/vendor/upload/ 7 KB
2 KB 652ms
652ms Script
application/javascript 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/vendor/upload/uploadImg.js
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: dfe1b821b4384025d56d290e488ea8b57e0adaa94475c1f5ae60b8b8b1568803

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:05 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Thu, 14 Apr 2022 09:43:13 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"6257ecb1-1cc9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: _nNDstzZ4iGbJ7vtH3ZbnDpvfzem23sa5XKIFaodpFTCe6gewQbNVg==

GET
H2 200 btn_addphoto.png
pt.im/resources/images/ 3 KB
3 KB 181ms
180ms Image
image/png 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.im/resources/images/btn_addphoto.png
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 723bdb8e2c7f82ab1579572d4af17028f774d6701db4230528c5854e0ed78c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: "60346cc9-b55"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2901
x-amz-cf-id: JJGEnNrOnAamPbqwL6SPx5E8UEfI7f2RT4Td8K9cV6uOVEsSSyzOCQ==

GET
H2 200 potato.svg
pt.im/resources/images/ 7 KB
4 KB 191ms
189ms Image
image/svg+xml 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.im/resources/images/potato.svg
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: adc040664d32fba316ced543fdc279c32c527ea43d4ba7727bb2efe8c6a83025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-1dc3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: xBPEIOkqGxfZ0uH-pNLpDVNC6be8Bspby9j4BNpUOQDbHTQ2IAE6Eg==

GET
H2 200 fetchAvatar;jsessionid=78C6D9B0D47FB41570D4B98EB33ABDF2
pt.im/ 45 KB
45 KB 310ms
309ms Image
image/jpg 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pt.im/fetchAvatar;jsessionid=78C6D9B0D47FB41570D4B98EB33ABDF2?fid=9235057282921064297

Requested by

Host: pt.im
URL: https://pt.im/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-68.fra60.r.cloudfront.net

Software

openresty /

Resource Hash

0c9b5e8530866f759a157a9427d36ee42b962a09871d8bc50aff5d51721b3fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/jpg
x-amz-cf-id: D9YufcM-yGkwzxCOoTHmA0FqvECOvVLJFjycdCBkN6HApIyxcekdug==

GET
H2 200 jquery-3.3.1.min.js Show response
pt.im/resources/vendor/jquery/ 85 KB
30 KB 824ms
823ms Script
application/javascript 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/vendor/jquery/jquery-3.3.1.min.js
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-1538f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: H4pOFnvI5Q2xLUBzIXMSXwaL-A3XfYjlKnL8Vnpg_-3XuLb0_qtaDA==

GET
H2 200 common.js Show response
pt.im/resources/js/ 4 KB
2 KB 667ms
667ms Script
application/javascript 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/js/common.js
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 99e92eb0cb9c935b6287bd12a5a7c05291eea2c1fa7c386a29acc1fe84e2c754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-eb1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: CwzQ4ZBW0-HUBFCWTAWr_VmhQ0xR7zFSFVOxNR2mDGmonS0oyaCgig==

GET
H2 200 jquery.qrcode.min.js Show response
pt.im/resources/vendor/qrcode/ 14 KB
5 KB 829ms
826ms Script
application/javascript 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/vendor/qrcode/jquery.qrcode.min.js
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-36ab"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: g6kfAAqg0VKMMhuYSDSfE18xhG18Gmu2GLAP_-EH5A795lNt4vna1Q==

GET
H2 200 ic_header_logo.svg
pt.im/resources/images/banner/ 9 KB
5 KB 657ms
654ms Image
image/svg+xml 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.im/resources/images/banner/ic_header_logo.svg
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 338274e32087c92344d5212c66cf8652daefe4c34ade940a1406648c600ba631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-22fe"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: ZZjo0NnZ2n399emXbxVhmINKxmj2TWOH1Yg_8mQCzeWIechmxNVArQ==

GET
H2 200 ic_header_arrowdown.svg
pt.im/resources/images/ 754 B
1 KB 658ms
656ms Image
image/svg+xml 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.im/resources/images/ic_header_arrowdown.svg
Requested by: Host: pt.im
URL: https://pt.im/resources/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 905efb970150cc064b34db2e371c392626c7f588386c1776eddb1745c673d4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/resources/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: "60346cc9-2f2"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 754
x-amz-cf-id: z7CAatcFw4LCbKlD69ifHd0FrjjoWNkVOy5CGUD2h7PI3ZILLLileg==

GET
H2 200 PingFang%20Medium.ttf
pt.im/resources/css/font/ 1 KB
2 KB 181ms
179ms Font
application/octet-stream 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/css/font/PingFang%20Medium.ttf
Requested by: Host: pt.im
URL: https://pt.im/resources/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 17d93ce60b113b9ff8c7126c710a343876577555dd589f1cf85a9b303052da5e

Request headers

Referer: https://pt.im/resources/css/main.css
Origin: https://pt.im
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: "60346cc9-5f4"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 1524
x-amz-cf-id: kBk8vEzduryS6_flWlgqWgqrN2TFh3gLb_QQD_EGlmdhGv4XlQuAng==

GET
H2 200 iconfont.woff
pt.im/resources/css/font2.0/ 8 KB
8 KB 667ms
665ms Font
font/woff 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/css/font2.0/iconfont.woff
Requested by: Host: pt.im
URL: https://pt.im/resources/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: a00dd41dff5b716fed0a24530d73b58775252a8c6ebe2950256a62048b300075

Request headers

Referer: https://pt.im/resources/css/main.css
Origin: https://pt.im
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: "60346cc9-1f4c"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 8012
x-amz-cf-id: 4NUHRQRTLuy6649Q4i1kHbouJMIMn8LQkVbf_SIRby7lrA3P0yaBAA==

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/ 348 KB
116 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3412308198192818&plah=pt.im&bust=31073709

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56153d6635a120f0d432694784ecf4fb385762aa6d1965191bd78cf34eccc1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119050
x-xss-protection: 0
server: cafe
etag: 11670672603693326437
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 13:53:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230406/r20190131/ Frame 777B 10 KB
5 KB 70ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:15:04 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 11:15:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 377 B
598 B 79ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pt.im&callback=_gfp_s_&client=ca-pub-3412308198192818

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3412308198192818&plah=pt.im&bust=31073709

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cb6fbbf3aaa55e5ad751b5504b2b168daefed9467f775224ff8e36ba5dcf5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 85ms
30ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pt.im

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 83ms
28ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pt.im

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10A1 603 B
245 B 139ms
138ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3412308198192818&output=html&adk=1812271804&adf=3025194257&lmt=1681221186&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C356x675_r&format=0x0&url=https%3A%2F%2Fpt.im%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681221186159&bpp=5&bdt=986&idt=229&shv=r20230406&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1021315386494&frm=20&pv=2&ga_vid=1589208730.1681221186&ga_sid=1681221186&ga_hid=1304079914&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31073584%2C31073709&oid=2&pvsid=1728038394580585&tmod=898167998&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=247

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 13:53:06 GMT
expires: Tue, 11 Apr 2023 13:53:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 122ms
70ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11164
x-xss-protection: 0

GET
H2 200 Primary Request / Show response
pt.im/ 17 KB
5 KB 198ms
198ms Document
text/html 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pt.im/

Requested by

Host: pt.im
URL: https://pt.im/resources/js/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-68.fra60.r.cloudfront.net

Software

openresty /

Resource Hash

1d99414b609af4ba344f53b4eebddf29ae464828833367b975eca559e24de326

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://pt.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-language: en
content-type: text/html;charset=UTF-8
date: Tue, 11 Apr 2023 13:53:06 GMT
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: accept-encoding
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-id: Bu42_i-pS0qDWdrVxQXwloDZq0EXuTXp_JOzFBDL2Yi774H0uifrsA==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN

GET pt://resolve?domain=potato&
pt://resolve?domain=potato& Frame F331 0
0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 81ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 13:53:07 GMT

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ECF0 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame 3814 0
0

GET
H2 200 bootstrap.min.css
pt.im/resources/vendor/bootstrap/css/ 141 KB
20 KB 345ms
344ms Stylesheet
text/css 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-235ed"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: vefE-_e3J3kstaaY35yQI1Xke4bEhCm7nWfySi3wpyfXyIAZOigSUg==

GET
H2 200 main.css
pt.im/resources/css/ 42 KB
8 KB 347ms
346ms Stylesheet
text/css 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/css/main.css
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 334f42299e3341c64ac6c5a7523fe28128769110d0beb4b48a651a49ced6ee87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Thu, 22 Sep 2022 10:42:30 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"632c3c16-a993"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: Cb0EyA_f79KSWHt6BT4sdxefxNtEmTNn9wefdnQVpebI7ePGnNb-wQ==

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pt.im
URL: https://pt.im/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc6e467c5ebd7d6aedbfe1600cd8e00927d1f2e2a99e682f84d7fe6a9a43faf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47952
x-xss-protection: 0
server: cafe
etag: 1504239760388434203
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 13:53:07 GMT

GET
H2 200 upload.css
pt.im/resources/css/ 5 KB
2 KB 180ms
179ms Stylesheet
text/css 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/css/upload.css
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 7e6ed42f185d84bef1f103d48c659ea7668208c965fce243df60fef2faeecb56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-1598"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: NYpr7d5Yq8JPy6kA8HEc3gl6xZMdPhw5TH6Ts5ltVDH3hKRGV5edhQ==

GET
H2 200 uploadImg.js Show response
pt.im/resources/vendor/upload/ 7 KB
2 KB 187ms
186ms Script
application/javascript 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/vendor/upload/uploadImg.js
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: dfe1b821b4384025d56d290e488ea8b57e0adaa94475c1f5ae60b8b8b1568803

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Thu, 14 Apr 2022 09:43:13 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"6257ecb1-1cc9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: 8N94GpuTQ2PO3Pgin-xwlEYNgNb9INXpg0y20Obn9esdXxj6xtxX1A==

GET
H2 200 btn_addphoto.png
pt.im/resources/images/ 3 KB
3 KB 187ms
186ms Image
image/png 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.im/resources/images/btn_addphoto.png
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 723bdb8e2c7f82ab1579572d4af17028f774d6701db4230528c5854e0ed78c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:08 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: "60346cc9-b55"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2901
x-amz-cf-id: OMwYEonVPSGvHFQpLd8Y1oP2gdPb1B5INbYcdV8CEONQ0-Nsr4fifQ==

GET
H2 200 potato.svg
pt.im/resources/images/ 7 KB
4 KB 188ms
187ms Image
image/svg+xml 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.im/resources/images/potato.svg
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: adc040664d32fba316ced543fdc279c32c527ea43d4ba7727bb2efe8c6a83025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-1dc3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: C4iYnzBxk6iN83skobrY9fRmobvd0ewczTYJAqf1aQcJSwLsNcv_ZQ==

GET
H2 200 fetchAvatar
pt.im/ 45 KB
45 KB 404ms
404ms Image
image/jpg 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pt.im/fetchAvatar?fid=9235057282921064297

Requested by

Host: pt.im
URL: https://pt.im/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-68.fra60.r.cloudfront.net

Software

openresty /

Resource Hash

0c9b5e8530866f759a157a9427d36ee42b962a09871d8bc50aff5d51721b3fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/jpg
x-amz-cf-id: 2qiPkYrS2HHF0Hev2VDfG3hqrPyJCShy5X7XB_e8DyF78mHxttIhdw==

GET
H2 200 jquery-3.3.1.min.js Show response
pt.im/resources/vendor/jquery/ 85 KB
30 KB 352ms
352ms Script
application/javascript 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/vendor/jquery/jquery-3.3.1.min.js
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-1538f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: ELYShamMIP6cz6FJt0Es43PvNpTApZKoXh_6Uz5t6NxvoESXrJcqOA==

GET
H2 200 common.js Show response
pt.im/resources/js/ 4 KB
2 KB 187ms
186ms Script
application/javascript 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/js/common.js
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 99e92eb0cb9c935b6287bd12a5a7c05291eea2c1fa7c386a29acc1fe84e2c754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-eb1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: QIBRWyBPwl6d56ujcKSmStz_BZGMiezEz3YC4KcP4qGF5pc2pwoVZA==

GET
H2 200 jquery.qrcode.min.js Show response
pt.im/resources/vendor/qrcode/ 14 KB
5 KB 350ms
349ms Script
application/javascript 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/vendor/qrcode/jquery.qrcode.min.js
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:08 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-36ab"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: rhm5j_45S_pqwWMHlj-5k6xBR9YoVKq1g0YyNVxnm519NUAmarKWYw==

GET
H2 200 ic_header_logo.svg
pt.im/resources/images/banner/ 9 KB
5 KB 511ms
508ms Image
image/svg+xml 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.im/resources/images/banner/ic_header_logo.svg
Requested by: Host: pt.im
URL: https://pt.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 338274e32087c92344d5212c66cf8652daefe4c34ade940a1406648c600ba631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:08 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: W/"60346cc9-22fe"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: fk15czRjm5fYAcDLVO4GXYfdOQPk8XIxhxahuMk7_wurZUuy09Mt9Q==

GET
H2 200 ic_header_arrowdown.svg
pt.im/resources/images/ 754 B
1 KB 191ms
189ms Image
image/svg+xml 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.im/resources/images/ic_header_arrowdown.svg
Requested by: Host: pt.im
URL: https://pt.im/resources/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 905efb970150cc064b34db2e371c392626c7f588386c1776eddb1745c673d4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/resources/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: "60346cc9-2f2"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 754
x-amz-cf-id: 5wmhBtRsVH7s6nf2Jfq0m4L1effitOGqm5b1yBVHPvcYFnl_PekWBA==

GET
H2 200 PingFang%20Medium.ttf
pt.im/resources/css/font/ 1 KB
2 KB 189ms
188ms Font
application/octet-stream 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/css/font/PingFang%20Medium.ttf
Requested by: Host: pt.im
URL: https://pt.im/resources/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 17d93ce60b113b9ff8c7126c710a343876577555dd589f1cf85a9b303052da5e

Request headers

Referer: https://pt.im/resources/css/main.css
Origin: https://pt.im
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: "60346cc9-5f4"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 1524
x-amz-cf-id: JKScEOB_a6ajh4L9QHUkHbWR6FWIDTm8a6UUbzZWJZaKqivRf7I0JA==

GET
H2 200 iconfont.woff
pt.im/resources/css/font2.0/ 8 KB
8 KB 184ms
182ms Font
font/woff 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.im/resources/css/font2.0/iconfont.woff
Requested by: Host: pt.im
URL: https://pt.im/resources/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-68.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: a00dd41dff5b716fed0a24530d73b58775252a8c6ebe2950256a62048b300075

Request headers

Referer: https://pt.im/resources/css/main.css
Origin: https://pt.im
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
last-modified: Tue, 23 Feb 2021 02:47:37 GMT
server: openresty
x-amz-cf-pop: FRA60-P1
etag: "60346cc9-1f4c"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 8012
x-amz-cf-id: Wm5DrUwE023b_0YR21Tk7vq4DNEiHjl9pF3tWmrIW7w-0qwR3BcZ4Q==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/ 348 KB
116 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3412308198192818&plah=pt.im

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83071c663690a33e77e6a64a05f5eb8b6f10b655ad9d936481c9aafdb5f60b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119044
x-xss-protection: 0
server: cafe
etag: 9711328916814640695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 13:53:07 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230406/r20190131/ Frame 0274 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:15:04 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 11:15:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
100 B 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pt.im&callback=_gfp_s_&client=ca-pub-3412308198192818&cookie=ID%3Dc35728e4bab1b3e6-2204ada48cdd00d4%3AT%3D1681221186%3ART%3D1681221186%3AS%3DALNI_MZDxnq8Ttk1F1uHKR2BoZxJbCHAAg&gpic=UID%3D00000bd3dc1f5a6b%3AT%3D1681221186%3ART%3D1681221186%3AS%3DALNI_MZxZRF-mMtFlZD3JAcH7kQqgsUfkA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pt.im

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pt.im

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 069C 603 B
69 B 144ms
143ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3412308198192818&output=html&adk=1812271804&adf=3025194257&lmt=1681221188&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C356x675_r&format=0x0&url=https%3A%2F%2Fpt.im%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681221187840&bpp=4&bdt=776&idt=246&shv=r20230406&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc35728e4bab1b3e6-2204ada48cdd00d4%3AT%3D1681221186%3ART%3D1681221186%3AS%3DALNI_MZDxnq8Ttk1F1uHKR2BoZxJbCHAAg&gpic=UID%3D00000bd3dc1f5a6b%3AT%3D1681221186%3ART%3D1681221186%3AS%3DALNI_MZxZRF-mMtFlZD3JAcH7kQqgsUfkA&nras=1&correlator=6183715550781&frm=20&pv=2&ga_vid=1483423276.1681221188&ga_sid=1681221188&ga_hid=1060738919&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31071756%2C44785295&oid=2&pvsid=117187549477159&tmod=1740001236&uas=0&nvt=2&ref=https%3A%2F%2Fpt.im%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=268

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 13:53:08 GMT
expires: Tue, 11 Apr 2023 13:53:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET pt://resolve?domain=potato&
pt://resolve?domain=potato& Frame FA85 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 70ms
70ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9166e876c816852dc6a2a0e7070650378149fe0e4f53816640b468a01714f804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11264
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 13:53:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A219 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:11:10 GMT
expires: Wed, 10 Apr 2024 11:11:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1F6A 783 B
1 KB 29ms
28ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

792566c78595052069aa0d3a5e1f0a69af4ab4d7f60eef90ffe4ee469b2313b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TVb-f47SzTlyf9_KGmtNKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pt.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-TVb-f47SzTlyf9_KGmtNKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 13:53:08 GMT
expires: Tue, 11 Apr 2023 13:53:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame A219 36 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F6A 0
0 55ms
55ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230406&jk=117187549477159&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A219 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sXvg9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:53:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230406&jk=117187549477159&bg=!5uWl5bHNAAYIJb0jKCU7ADkAdvg8WgVXBH30hRqIuL35NFhj8UC-VOSiB9jafuvsmOjg2hOIAaGZZyf9iwLsnoDpLS9TOQqr9gkCAAAAWFIAAAACaAEHCgBvPCkqlX11dUUHqCJA6oc7crtveC4kAp19DzZLpStJ3fLq7AkPQPnHhZ399xP3Uq6s93CMYbw8UjtEQfzEGeVwO3CU2EuCtFzqxq2A8OgA-sM9LqU3902HYjSQCONjIXs8mIJipn_OjliQjKtt4x-MmQKZpMzOd6QkDcjNUzqM8d-8amahKn23nSNH6krO5I2uRbgQH7EmKZFluK756VySQA3dapEH-yzmyqbO-BJueWOIiDqp_tul5EXyOil8zXiFXR9lLcnZGxIldbvJ_eo4Yv0jGubxD5FJGfXmRuQrS4mdu4otKZsGcXmD0jqALZ_Ym_biy-HZPMJnttpDkhfpmDnYCHx5bJDhAbGnwOkSRu41GJD7BTdOBxlC45JSqB48HHDXtHoiobe8UoXuhQ_6qHGFJQ1-nMQ3FtZtsEhk17GmCRZbxrtdtPuacGzKghQ6CcnZv2UnVEAQFHKGgSEUbCeFWaJMjdvDNDaZxmHm6QRpWMb80AEZpsapiK_05jAQDbBsA4pkCcFvrQu45202xv4P3Gvac52gMv6d8O1iBzNaeZ6jDIVDPZK0l7qvndJirTxvKmzaDojzwNdo6hyfpOwSIQBA9OWlBTI5J3qBTERqUGOiphoRLw-4y0MIG2g88Qhe2qnJ3hwlFeK5jXNfr4xXU8uRwEpeWdNu3yH9sc6iA5dezrtQ4e99AfGTKvbFcb870r7NjcUp_n9l0OFtERUgT5pnZcMFfJswPQQwwcwkaDIZo6UiXx_TrmZY6kU0ZY05WjPZggWmpEu6BeZ7I_vbF9qiRvIQfEiUf-Mf6Vj289o6g8iEiatIXkxU8v1dBM96CS6GXm6Lq2jgfOt21dGq8jTL65GtKEX4BhlyScdZXL8f-B7NBaFfR4fsmUU8su0r2LdYz_kkGJm_8-Nb0askUhJsvnQOGtMsc7lGhinhJjInpJseCFjFWuYzlyc9p1tkcACbC45XgIiU2yts8_ClBmEiCuJ52AWrNAbGkrcttyIWTb7zhJyXV1br-tGztuwE3OZ3VvH44p8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: resolve
URL: pt://resolve?domain=potato&

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: resolve
URL: pt://resolve?domain=potato&

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pt.im/	1970-01-20 20:21:57	Name: __gads Value: ID=c35728e4bab1b3e6-2204ada48cdd00d4:T=1681221186:RT=1681221186:S=ALNI_MZDxnq8Ttk1F1uHKR2BoZxJbCHAAg
.pt.im/	1970-01-20 20:21:57	Name: __gpi Value: UID=00000bd3dc1f5a6b:T=1681221186:RT=1681221186:S=ALNI_MZxZRF-mMtFlZD3JAcH7kQqgsUfkA
pt.im/	1969-12-31 23:59:59	Name: lang Value: en
pt.im/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4B0B42CBC64675B4490F56CDF9B61907
.doubleclick.net/	1970-01-20 20:21:57	Name: IDE Value: AHWqTUn5MQAnm7Jsb-hIshnc5cP1y33SIUR3ap8NbiuR2wOqd68-0iOEpr9450LLa1I

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pt.im
resolve
tpc.googlesyndication.com
www.google.com
resolve
tpc.googlesyndication.com
www.google.com
13.32.121.68
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0c9b5e8530866f759a157a9427d36ee42b962a09871d8bc50aff5d51721b3fba
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17d93ce60b113b9ff8c7126c710a343876577555dd589f1cf85a9b303052da5e
1d99414b609af4ba344f53b4eebddf29ae464828833367b975eca559e24de326
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
334f42299e3341c64ac6c5a7523fe28128769110d0beb4b48a651a49ced6ee87
338274e32087c92344d5212c66cf8652daefe4c34ade940a1406648c600ba631
536488071cde54195008c8ceec4dc17d4c22c9d441c670e03bbef210413741d8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6053713edc723ab707193f41317f76a0be0d334effacdfc5818120af2f36ef51
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
723bdb8e2c7f82ab1579572d4af17028f774d6701db4230528c5854e0ed78c0b
792566c78595052069aa0d3a5e1f0a69af4ab4d7f60eef90ffe4ee469b2313b6
7e6ed42f185d84bef1f103d48c659ea7668208c965fce243df60fef2faeecb56
905efb970150cc064b34db2e371c392626c7f588386c1776eddb1745c673d4b5
9166e876c816852dc6a2a0e7070650378149fe0e4f53816640b468a01714f804
94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83
99e92eb0cb9c935b6287bd12a5a7c05291eea2c1fa7c386a29acc1fe84e2c754
9cb6fbbf3aaa55e5ad751b5504b2b168daefed9467f775224ff8e36ba5dcf5b0
a00dd41dff5b716fed0a24530d73b58775252a8c6ebe2950256a62048b300075
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56153d6635a120f0d432694784ecf4fb385762aa6d1965191bd78cf34eccc1b
adc040664d32fba316ced543fdc279c32c527ea43d4ba7727bb2efe8c6a83025
b83071c663690a33e77e6a64a05f5eb8b6f10b655ad9d936481c9aafdb5f60b4
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dfe1b821b4384025d56d290e488ea8b57e0adaa94475c1f5ae60b8b8b1568803
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d
fc6e467c5ebd7d6aedbfe1600cd8e00927d1f2e2a99e682f84d7fe6a9a43faf7

pt.im Open in urlscan Pro 13.32.121.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

93 %HTTPS

88 %IPv6

7 Domains

9 Subdomains

9 IPs

2 Countries

676 kBTransfer

1884 kBSize

5 Cookies

7 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pt.im Open in urlscan Pro
13.32.121.68 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

93 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

676 kB
Transfer

1884 kB
Size

5
Cookies

58 HTTP transactions
0 data transactions